Multiperspective Malware Analysis Page

Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

06 November 2008
<prev> <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]

Time
Victim
OS
Infection
Source
C&C
Server
DNS Lookups &
Failed Connects Infection
Port
Packet
Trace
Detection
Signatures
Infection
Chatter
BotHunter
Analysis
Behavioral
Cluster
Forensic
Logs
Antivirus
Labels
Packed Malware_Binary Unpacked egg.exe
Unpacked egg.asm
Packer PEID
Data Strings
Syscall Trace

T:00:13:00 WinXP 115.129.17.162 (-):
. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 e12a3ae2f6
NEW none[none] none:none
none|none none none

00:19:00 WinXP 117.99.55.127 (XLRI.AC.IN):
BHARTI AIRTEL LTD,
DELHI, DELHI, IN. 194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 29 of 29 a0139d7ad8
[Firefox:206 hits: 01-03 to 11-05] d9e9662db1 [0] ASM:Graph
PolyEnE| lines=68 trace

T:00:26:00 WinXP 125.224.97.103 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:1448 hits: 12-31 to 11-05] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:00:27:00 WinXP 130.13.65.64 (QWEST.NET):
QWEST BROADBAND SERVICES INC,
PHOENIX, ARIZONA, US. n/a :proxim.ircgalaxy.pl
RU:moscow-advokat.ru
AT:graz.at.eu.undernet.org
:washington.dc.us.undernet.org
SE:coins.dal.net
US:lia.zanet.net
SE:broadway.ny.us.dal.net
NL:diemen.nl.eu.undernet.org
:los-angeles.ca.us.undernet.org
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 2231eb8648
[Firefox: 3 hits: 10-31 to 11-03] none[none] none:none
none|none none none

01:00:00 Win2K-f 70.182.94.50 (COX.NET):
COX COMMUNICATIONS,
OKLAHOMA CITY, OKLAHOMA, US. n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:192.221.110.126:80 135 pcap raw alerts
ruleset http
114 lines Yeah : 1.3
profile none summary
tarball 32 of 33
29 of 33 87e1117f2a
[Firefox:30 hits: 07-18 to 11-05]
b4fe4581c3
[Firefox:30 hits: 07-18 to 11-05] none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

T:01:04:00 WinXP 58.233.231.123 (-):
THRUNET-INFRA-SEOUL14,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 812025bc54
[Firefox: 4 hits: 10-29 to 11-05] none[none] none:none
none|none none none

T:01:08:00 WinXP 117.99.12.85 (XLRI.AC.IN):
BHARTI AIRTEL LTD,
DELHI, DELHI, IN. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 35 of 36 b27d73bfcb
[Firefox:35 hits: 10-10 to 11-05] none[none] none:none
none|none none none

T:01:23:00 WinXP 70.168.15.160 (COX.NET):
COX COMMUNICATIONS,
PROVIDENCE, RHODE ISLAND, US. n/a US:microsoft.com
US:download.microsoft.com
US:205.128.70.126:80
US:206.33.45.125:80
US:207.123.42.126:80 135 pcap raw alerts
ruleset other
76 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:3764 hits: 06-17 to 11-05]
73f1082158
[Firefox:1872 hits: 06-18 to 11-05] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

01:26:00 WinXP 4.228.213.133 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
LAS VEGAS, NEVADA, US. (DIAL) n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 25 of 25 7f60162c2c
[Firefox:839 hits: 12-31 to 11-05] 1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns trace

T:01:26:00 WinXP 86.155.20.154 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
UK. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 29 of 29 831f4ee0a7
[Firefox:659 hits: 01-01 to 11-05] eb7546c600 [0] ASM:Graph
none|none lines=61 trace

01:28:00 WinXP 61.193.8.60 (MESH.AD.JP):
NEC CORPORATION,
JP. 194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:1448 hits: 12-31 to 11-05] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

01:28:00 Win2K-f 24.69.169.152 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
PARKSVILLE, BRITISH COLUMBIA, CA. (DSL) n/a US:microsoft.com
US:download.microsoft.com
US:192.221.110.126:80 135 pcap raw alerts
ruleset other
222 lines Yeah : 1.3
profile none summary
tarball 34 of 36
32 of 36 2778910f2e
NEW
7f3f6fd066
NEW none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

01:31:00 WinXP 84.177.186.123 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
FRANKFURT, BRANDENBURG, DE. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 32 of 32 03f912899b
[Firefox:193 hits: 01-08 to 11-05] 83893bd25d [0] ASM:Graph
none|none lines=65 trace

01:37:00 Win2K-f 219.110.139.244 (CATV02.ITSCOM.JP):
ITS COMMUNICATIONS INC,
JP. n/a 135 pcap raw alerts
ruleset other
18 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

01:38:00 WinXP 67.204.192.9 (-):
. n/a :proxim.ircgalaxy.pl
RU:moscow-advokat.ru
:gaspode.zanet.org.za
SE:ced.dal.net
US:lia.zanet.net
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 b23ffca78e
[Firefox: 4 hits: 10-24 to 11-02] none[none] none:none
none|none none none

01:53:00 WinXP 149.99.86.49 (ROGERSTELECOM.NET):
ROGERS TELECOM INC,
SIMCOE, ONTARIO, CA. n/a DE:siliconfireware.ru
US:searchportal.information.com
US:spi.domainsponsor.com
DE:ebookfinaltrash.ru
:wpad 445 pcap raw alerts
ruleset http
http
http
http
18 lines Yeah : 0.8
profile none summary
tarball 29 of 29 a12cab51ef
[Firefox:611 hits: 01-01 to 11-05] 40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns trace

02:01:00 Win2K-f 64.183.128.27 (RR.COM):
ROAD RUNNER HOLDCO LLC,
HEMET, CALIFORNIA, US. n/a US:microsoft.com
US:download.microsoft.com
US:199.93.53.126:80
US:4.23.60.125:80
US:4.23.60.126:80 135 pcap raw alerts
ruleset other
78 lines Yeah : 1.3
profile none summary
tarball 33 of 33
8 of 33 53bfe15e91
[Firefox:3764 hits: 06-17 to 11-05]
b7082104e4
[Firefox:252 hits: 06-18 to 11-05] none[4]
none [4] none:none
none:none
tElock|
tElock| none
none trace
trace

02:07:00 WinXP 122.133.237.78 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 35 of 36 aceaaf251d
NEW none[none] none:none
none|none none none

T:02:08:00 WinXP 219.97.166.163 (INFOWEB.NE.JP):
INFOWEB(FUJITSU LTD.),
TOKYO, TOKYO, JP. (DIAL) n/a 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball 31 of 32 741e3b03b3
[Firefox:532 hits: 01-05 to 11-05] e0197e8a64 [0] ASM:Graph
none|none lines=62 trace

02:09:00 Win2K-f 64.130.128.152 (SCRTC.COM):
SOUTH CENTRAL RURAL TELEPHONE CO,
SAN JOSE, CALIFORNIA, US. (DSL) n/a US:microsoft.com
US:download.microsoft.com
US:198.78.220.124:80
US:205.128.70.126:80
US:207.123.46.126:80 135 pcap raw alerts
ruleset other
59 lines Yeah : 1.3
profile none summary
tarball 33 of 33
8 of 33 53bfe15e91
[Firefox:3764 hits: 06-17 to 11-05]
b7082104e4
[Firefox:252 hits: 06-18 to 11-05] none[4]
none [4] none:none
none:none
tElock|
tElock| none
none trace
trace

02:25:00 Win2K-f 82.127.168.142 (ABO.WANADOO.FR):
IP2000-ADSL-BAS,
PARIS, ILE-DE-FRANCE, FR. (DSL) 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 25 of 36 bcae797d03
[Firefox:15 hits: 08-01 to 11-05] none[none] none:none
none|none none none

T:02:26:00 WinXP 83.49.100.234 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
MADRID, MADRID, ES. n/a :proxim.ircgalaxy.pl
RU:moscow-advokat.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 34 of 36 805afbac09
[Firefox: 2 hits: 10-31 to 11-02] none[none] none:none
none|none none none

02:28:00 WinXP 202.221.175.199 (BMOBILE.NE.JP):
JAPAN COMMUNICATION INC,
TOKYO, TOKYO, JP. 194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 29 of 29 3ae357d17b
[Firefox:193 hits: 01-01 to 11-05] 462a7be171 [0] ASM:Graph
PolyEnE| lines=73 trace

02:30:00 WinXP 218.173.5.113 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
26 lines Yeah : 1.3
profile none summary
tarball 25 of 36 7c2b50c774
[Firefox:37 hits: 08-01 to 11-05] none[none] none:none
none|none none none

02:34:00 WinXP 211.243.17.49 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. n/a US:microsoft.com
US:download.microsoft.com
:proxim.ircgalaxy.pl
US:204.160.104.126:80 135 pcap raw alerts
ruleset http
96 lines Yeah : 1.3
profile none summary
tarball 0 of 33
32 of 36
35 of 36 e07c29c4ae
[Firefox:798 hits: 06-19 to 11-05]
efd642e95b
NEW
f7d1c51b14
NEW e07c29c4ae [1]
none [none]
none [none] ASM:Graph
none:none
none:none
FSG|
none|none
none|none lines=92
none
none trace
none
none

T:02:44:00 WinXP 190.30.191.49 (NET.AR):
APOLO -GOLD-TELECOM-PER,
CORDOBA, CORDOBA, AR. n/a RU:moscow-advokat.ru
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 96d089e522
[Firefox:50 hits: 10-08 to 11-05] none[none] none:none
none|none none none

T:02:45:00 WinXP 222.237.133.203 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a SE:vancouver.dal.net
:proxim.ircgalaxy.pl
:flanders.be.eu.undernet.org
:brussels.be.eu.undernet.org 135 pcap raw alerts
ruleset other
9 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

03:03:00 Win2K-f 4.235.84.43 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
TALLAHASSEE, FLORIDA, US. (DIAL) n/a US:microsoft.com
US:download.microsoft.com
US:204.160.104.126:80
US:205.128.70.126:80
US:207.123.37.124:80 135 pcap raw alerts
ruleset other
143 lines Yeah : 1.3
profile none summary
tarball 33 of 33
8 of 33 53bfe15e91
[Firefox:3764 hits: 06-17 to 11-05]
b7082104e4
[Firefox:252 hits: 06-18 to 11-05] none[4]
none [4] none:none
none:none
tElock|
tElock| none
none trace
trace

T:03:05:00 WinXP 151.59.100.11 (38-151.NET24.IT):
IUNET-BNET,
IT. 194.14.236.50:6667 :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset irc
7 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:03:06:00 WinXP 122.55.217.0 (PLDT.NET):
IPG,
PH. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 dc558084f5
[Firefox: 2 hits: 10-30 to 11-01] none[none] none:none
none|none none none

03:28:00 Win2K-f 211.200.251.245 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:198.78.201.126:80
US:207.123.37.125:80 135 pcap raw alerts
ruleset http
136 lines Yeah : 1.3
profile none summary
tarball 30 of 33
30 of 33 69be040d0b
[Firefox: 6 hits: 06-21 to 09-30]
81bbbeac34
[Firefox: 6 hits: 06-21 to 09-30] none[4]
81bbbeac34[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=82 trace
trace

T:03:30:00 WinXP 89.242.95.37 (-):
OPAL TELECOM DSL,
LONDON, ENGLAND, UK. (DSL) n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 f32b37da28
NEW none[none] none:none
none|none none none

03:32:00 WinXP 89.195.7.27 (-):
ORANGE,
UK. 194.54.90.246:80 :proxim.ircgalaxy.pl
UA:citi-bank.ru 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 36 of 36 fd113df0bb
[Firefox: 2 hits: 10-25 to 11-02] none[none] none:none
none|none none none

03:32:00 WinXP 114.158.62.128 (-):
. n/a :proxima.ircgalaxy.pl 445 pcap raw alerts
ruleset shell
ftp
14 lines Yeah : 1.3
profile none summary
tarball 35 of 36 0802fac8ae
NEW none[none] none:none
none|none none none

T:03:40:00 WinXP 93.156.67.228 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 35 of 36 7fd7475c63
[Firefox: 8 hits: 10-29 to 11-05] none[none] none:none
none|none none none

03:46:00 WinXP 41.214.172.9 (-):
. n/a RU:moscow-advokat.ru
:caen.fr.eu.undernet.org
SE:coins.dal.net
:gaspode.zanet.org.za
SE:vancouver.dal.net 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 35 of 36 66897a8fbb
NEW none[none] none:none
none|none none none

T:03:47:00 WinXP 83.213.107.42 (CLIENTES.EUSKALTEL.ES):
GLOBAL TELECOMMUNICATION SERVICE PROVIDER,
BILBAO, PAIS VASCO, ES. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 35 of 36 b27d73bfcb
[Firefox:35 hits: 10-10 to 11-05] none[none] none:none
none|none none none

T:04:00:00 WinXP 173.32.247.86 (-):
. n/a US:microsoft.com
US:download.microsoft.com
US:204.160.104.126:80
US:207.123.37.125:80 135 pcap raw alerts
ruleset http
255 lines Yeah : 1.3
profile none summary
tarball 34 of 36
34 of 36
0 of 33 1a2c8ec118
NEW
4c99d35b8a
NEW
e07c29c4ae
[Firefox:798 hits: 06-19 to 11-05] none[none]
none [none]
e07c29c4ae[1] none:none
none:none
ASM:Graph
none|none
none|none
FSG| none
none
lines=92 none
none
trace

T:04:04:00 WinXP 220.225.22.171 (PHOTONINFOTECH.COM):
RELIANCE INFOCOM LTD,
IN. n/a 135 pcap raw alerts
ruleset other
351 lines Yeah : 1.3
profile none summary
tarball 31 of 36 7a5ce428e5
NEW none[none] none:none
none|none none none

04:05:00 WinXP 86.154.237.91 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
SWANSEA, WALES, UK. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 29 of 29 831f4ee0a7
[Firefox:659 hits: 01-01 to 11-05] eb7546c600 [0] ASM:Graph
none|none lines=61 trace

04:24:00 WinXP 79.74.87.6 (AS9105.COM):
TELINCO,
UK. n/a EU:siliconfireware.ru
US:searchportal.information.com
RU:www.bbin.ru
:wpad
GB:welcome3.smile.co.uk
RU:195.200.213.54:80
US:208.73.210.121:80
DE:217.11.54.126:80 445 pcap raw alerts
ruleset http
http
http
3 lines Yeah : 0.8
profile none summary
tarball 29 of 29 a12cab51ef
[Firefox:611 hits: 01-01 to 11-05] 40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns trace

04:30:00 Win2K-f 63.25.178.7 (UU.NET):
UUNET TECHNOLOGIES INC,
NEWARK, NEW JERSEY, US. n/a 135 pcap raw alerts
ruleset other
127 lines Yeah : 1.3
profile none summary
tarball 0 of 32 73f1082158
[Firefox:1872 hits: 06-18 to 11-05] 73f1082158 [1] ASM:Graph
Armadillo| lines=81 trace

04:34:00 WinXP 208.61.162.70 (BELLSOUTH.NET):
BELLSOUTH.NET INC,
ATLANTA, GEORGIA, US. (DSL) n/a DE:siliconfireware.ru
US:searchportal.information.com
US:spi.domainsponsor.com
:wpad 445 pcap raw alerts
ruleset http
http
http
17 lines Yeah : 0.8
profile none summary
tarball 29 of 29 df17a625ee
[Firefox:300 hits: 01-01 to 11-05] 9bbdd086c5 [0] ASM:Graph
ASPack| lines=186
embedded dns trace

T:04:34:00 WinXP 190.18.195.123 (-):
. n/a RU:moscow-advokat.ru
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 96d089e522
[Firefox:50 hits: 10-08 to 11-05] none[none] none:none
none|none none none

T:04:39:00 WinXP 98.133.99.221 (-):
ALLTEL MIP CUSTOMERS - LITTLE ROCK,
LITTLE ROCK, ARKANSAS, US. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 35 of 36 8f7a9a1200
NEW none[none] none:none
none|none none none

04:47:00 WinXP 118.86.74.219 (-):
. n/a US:microsoft.com
US:download.microsoft.com 135 pcap raw alerts
ruleset http
124 lines Yeah : 1.3
profile none summary
tarball 32 of 36
0 of 33
34 of 36 0b951c2832
[Firefox: 9 hits: 08-19 to 11-04]
e07c29c4ae
[Firefox:798 hits: 06-19 to 11-05]
e4ed4df0f0
[Firefox: 9 hits: 08-19 to 11-04] none[none]
e07c29c4ae[1]
none [none] none:none
ASM:Graph
none:none
none|none
FSG|
none|none none
lines=92
none none
trace
none

T:04:52:00 WinXP 118.231.71.249 (-):
. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:1448 hits: 12-31 to 11-05] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:04:53:00 WinXP 218.161.100.199 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a RU:moscow-advokat.ru
:caen.fr.eu.undernet.org
:los-angeles.ca.us.undernet.org
:washington.dc.us.undernet.org
SE:qis.md.us.dal.net
NL:diemen.nl.eu.undernet.org
:flanders.be.eu.undernet.org
:lulea.se.eu.undernet.org
US:lia.zanet.net
SE:broadway.ny.us.dal.net
SE:ozbytes.dal.net 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 35 of 36 8ec10ef1d2
NEW none[none] none:none
none|none none none

04:54:00 WinXP 218.161.100.199 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a RU:moscow-advokat.ru
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 35 of 36 8ec10ef1d2
NEW none[none] none:none
none|none none none

T:05:03:00 WinXP 76.87.208.17 (G-M-I.NET):
ROAD RUNNER HOLDCO LLC,
HERNDON, VIRGINIA, US. n/a US:microsoft.com
US:download.microsoft.com
US:206.33.45.125:80 135 pcap raw alerts
ruleset http
76 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32
0 of 33 53bfe15e91
[Firefox:3764 hits: 06-17 to 11-05]
73f1082158
[Firefox:1872 hits: 06-18 to 11-05]
e07c29c4ae
[Firefox:798 hits: 06-19 to 11-05] none[4]
73f1082158[1]
e07c29c4ae[1] none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
FSG| none
lines=81
lines=92 trace
trace
trace

T:05:08:00 WinXP 94.50.180.92 (-):
. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 36 of 36 b872c76081
[Firefox:71 hits: 09-13 to 11-05] none[none] none:none
none|none none none

05:10:00 WinXP 94.50.180.92 (-):
. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 36 of 36 b872c76081
[Firefox:71 hits: 09-13 to 11-05] none[none] none:none
none|none none none

05:36:00 WinXP 4.226.231.141 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
MCKINNEY, TEXAS, US. (DIAL) n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 f502585714
[Firefox:53 hits: 01-02 to 11-02] ae590430c5 [0] ASM:Graph
PolyEnE| lines=63 trace

T:05:42:00 WinXP 114.48.181.212 (-):
. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 0d2740acc9
[Firefox: 4 hits: 10-14 to 11-05] none[none] none:none
none|none none none

T:05:48:00 WinXP 88.156.58.148 (VECTRANET.PL):
VECTRA S.A,
OLSZTYN, WARMINSKO-MAZURSKIE, PL. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 35 of 36 4463bd5a0a
NEW none[none] none:none
none|none none none

T:05:56:00 WinXP 190.188.71.42 (NET.AR):
PRIMA S.A,
AR. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 35 of 36 91f1b28614
NEW none[none] none:none
none|none none none

06:08:00 Win2K-f 70.237.179.20 (-):
BARREWOODS,
KANSAS CITY, MISSOURI, US. n/a 135 pcap raw alerts
ruleset other
10 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:06:16:00 WinXP 62.105.22.223 (ISURGUT.RU):
OPEN JOINT-STOCK COMPANY URALSVIAZINFORM BRANCH OF THE KHANTYMANSIYSK REGION,
RU. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 0d2740acc9
[Firefox: 4 hits: 10-14 to 11-05] none[none] none:none
none|none none none

06:18:00 Win2K-f 68.74.66.114 (-):
PPPOX POOL - EMHRIL RBACK,
CHICAGO, ILLINOIS, US. (100Mbps) n/a US:microsoft.com
US:download.microsoft.com 135 pcap raw alerts
ruleset http
76 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32
0 of 32 53bfe15e91
[Firefox:3764 hits: 06-17 to 11-05]
73f1082158
[Firefox:1872 hits: 06-18 to 11-05]
b5919931fe
[Firefox:1071 hits: 06-20 to 11-05] none[4]
73f1082158[1]
b5919931fe[1] none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect| none
lines=81
lines=90 trace
trace
trace

06:43:00 WinXP 89.201.114.16 (-):
BALTKOM,
LV. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 35 of 36 7fd7475c63
[Firefox: 8 hits: 10-29 to 11-05] none[none] none:none
none|none none none

06:46:00 WinXP 122.52.91.218 (PLDT.NET):
IPG,
PH. n/a US:microsoft.com
US:download.microsoft.com
:proxim.ircgalaxy.pl
US:192.221.99.124:80
US:198.78.220.124:80
US:204.160.104.126:80 135 pcap raw alerts
ruleset other
126 lines Yeah : 1.3
profile none summary
tarball 29 of 33
33 of 33 16874933ea
[Firefox:59 hits: 06-18 to 11-02]
76ee340669
[Firefox:59 hits: 06-18 to 11-02] 16874933ea [1]
none [4] ASM:Graph
none:none
Armadillo|
PolyEnE| lines=82
none trace
trace

T:06:46:00 WinXP 92.250.67.188 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 b1c85cee4b
[Firefox:10 hits: 10-27 to 11-03] none[none] none:none
none|none none none

06:59:00 Win2K-f 114.201.118.137 (-):
. n/a :proxima.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com 135 pcap raw alerts
ruleset http
87 lines Yeah : 1.3
profile none summary
tarball 31 of 33
2 of 36 8ec6129efe
[Firefox:24 hits: 06-24 to 11-05]
d9766a3162
[Firefox: 3 hits: 08-29 to 11-05] none[4]
none [none] none:none
none:none
tElock|
none|none none
none trace
none

T:07:06:00 WinXP 41.214.176.229 (-):
. n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 35 of 36 66897a8fbb
NEW none[none] none:none
none|none none none

T:07:13:00 WinXP 92.124.35.52 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 1f8b36b823
[Firefox: 2 hits: 10-27 to 10-28] none[none] none:none
none|none none none

07:14:00 WinXP 62.11.117.13 (DIALUP.TISCALI.IT):
TISCALI ITALIA SPA,
IT. (DIAL) n/a DE:siliconfireware.ru
US:searchportal.information.com
GB:welcome3.smile.co.uk
:wpad
US:spi.domainsponsor.com
GB:195.92.84.198:80 445 pcap raw alerts
ruleset http
http
http
14 lines Yeah : 0.8
profile none summary
tarball 29 of 29 df17a625ee
[Firefox:300 hits: 01-01 to 11-05] 9bbdd086c5 [0] ASM:Graph
ASPack| lines=186
embedded dns trace

T:07:29:00 WinXP 92.41.170.230 (IKBCC.COM):
EU-ZZ,
UK. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 35914d27e2
NEW none[none] none:none
none|none none none

T:07:38:00 WinXP 24.28.161.32 (RR.COM):
ROAD RUNNER HOLDCO LLC,
EL PASO, TEXAS, US. (100Mbps) n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 1fcc146d70
[Firefox:64 hits: 01-02 to 11-02] 258fafe892 [0] ASM:Graph
PolyEnE| lines=68 trace

T:07:43:00 WinXP 76.10.25.178 (PAVLOVMEDIA.COM):
VILLAGE AT CHANDLER CROSSING,
EAST LANSING, MICHIGAN, US. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 a0139d7ad8
[Firefox:206 hits: 01-03 to 11-05] d9e9662db1 [0] ASM:Graph
PolyEnE| lines=68 trace

T:07:44:00 Win2K-f 4.224.147.173 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
MONROVIA, INDIANA, US. (DIAL) n/a 135 pcap raw alerts
ruleset other
159 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:3764 hits: 06-17 to 11-05]
73f1082158
[Firefox:1872 hits: 06-18 to 11-05] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

07:52:00 WinXP 4.225.20.253 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
KOKOMO, INDIANA, US. (DIAL) n/a US:microsoft.com
US:download.microsoft.com
US:4.23.60.126:80 135 pcap raw alerts
ruleset http
111 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 33
0 of 33 53bfe15e91
[Firefox:3764 hits: 06-17 to 11-05]
a08f3b74a4
[Firefox:1346 hits: 06-18 to 11-05]
e07c29c4ae
[Firefox:798 hits: 06-19 to 11-05] none[4]
a08f3b74a4[1]
e07c29c4ae[1] none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
FSG| none
lines=81
lines=92 trace
trace
trace

07:55:00 WinXP 83.191.129.129 (SWIP.NET):
SWIPNET,
SE. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 5ccd948a20
NEW none[none] none:none
none|none none none

T:07:56:00 WinXP 83.191.129.129 (SWIP.NET):
SWIPNET,
SE. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 5ccd948a20
NEW none[none] none:none
none|none none none

07:58:00 WinXP 124.60.7.129 (-):
POWERCOM,
KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
26 lines Yeah : 1.3
profile none summary
tarball 33 of 36 413c9ac28b
[Firefox:12 hits: 09-26 to 11-05] none[none] none:none
none|none none none

08:05:00 Win2K-f 88.180.87.129 (PROXAD.NET):
PROXAD / FREE SAS,
FR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
21 lines Yeah : 1.3
profile none summary
tarball 30 of 36 9d31d168bd
[Firefox:11 hits: 10-20 to 11-05] none[none] none:none
none|none none none

08:06:00 Win2K-f 89.137.78.39 (-):
ASTRAL SIGHET DOCSIS NETWORK,
BAIA MARE, MARAMURES, RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 32 of 36 3eeb212cb1
[Firefox: 6 hits: 10-22 to 11-05] none[none] none:none
none|none none none

T:08:08:00 Win2K-f 58.230.111.146 (-):
THRUNET-INFRA-SEOUL01,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 33 of 36 55bd33c9be
NEW none[none] none:none
none|none none none

08:13:00 WinXP 218.51.4.11 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
17 lines Yeah : 1.3
profile none summary
tarball 29 of 35 ac25ac39b4
[Firefox: 6 hits: 10-21 to 10-29] none[none] none:none
none|none none none

08:15:00 Win2K-f 58.230.111.146 (-):
THRUNET-INFRA-SEOUL01,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 33 of 36 55bd33c9be
NEW none[none] none:none
none|none none none

T:08:17:00 WinXP 84.112.206.168 (SWIPNET.SE):
PROVIDER LOCAL REGISTRY,
SE. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 21 of 36 b724b621a2
[Firefox: 5 hits: 10-26 to 11-05] none[none] none:none
none|none none none

T:08:21:00 WinXP 89.136.110.237 (-):
ASTRAL BISTRITA DOCSIS,
CONSTANTA, CONSTANTA, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 cd712316e7
[Firefox: 3 hits: 10-26 to 10-29] none[none] none:none
none|none none none

T:08:22:00 Win2K-f 85.66.228.139 (BACS-NET.HU):
FIBERNET COMMUNICATION CO,
BUDAPEST, BUDAPEST, HU. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 20 of 36 fcb6426ef8
NEW none[none] none:none
none|none none none

08:24:00 WinXP 221.139.99.218 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 23 of 36 309c09b7c2
NEW none[none] none:none
none|none none none

T:08:26:00 WinXP 122.214.253.115 (UCOM.NE.JP):
IML,
JP. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 24 of 35 a94f8fd4c2
[Firefox:16 hits: 07-29 to 10-22] none[none] none:none
none|none none none

08:30:00 Win2K-f 82.231.44.106 (PROXAD.NET):
PROXAD / FREE SAS,
DUSSELDORF, NORDRHEIN-WESTFALEN, DE. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 625144cee4
[Firefox:19 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:08:31:00 Win2K-f 213.22.235.92 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
LISBON, LISBOA, PT. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 ead12a6c02
[Firefox:19 hits: 09-26 to 11-05] none[none] none:none
none|none none none

08:32:00 Win2K-f 94.109.39.198 (-):
. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 25 of 35 1be9d03a2b
[Firefox:26 hits: 07-29 to 10-29] none[none] none:none
none|none none none

08:33:00 WinXP 78.34.5.95 (NETCOLOGNE.DE):
NETCOLOGNE GMBH,
KOELN, NORDRHEIN-WESTFALEN, DE. n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 35 of 36 29e08ec656
NEW none[none] none:none
none|none none none

08:34:00 Win2K-f 88.174.216.244 (PROXAD.NET):
PROXAD / FREE SAS,
FR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 36 44ea4d3c7c
[Firefox:17 hits: 09-26 to 10-29] none[none] none:none
none|none none none

T:08:37:00 Win2K-f 66.220.110.158 (BENDCABLE.COM):
BEND CABLE COMMUNICATIONS LLC,
BEND, OREGON, US. (DSL) n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 25 of 36 7c2b50c774
[Firefox:37 hits: 08-01 to 11-05] none[none] none:none
none|none none none

08:39:00 Win2K-f 89.136.45.116 (UPCNET.RO):
ASTRAL UPC TIMISOARA,
TIMISOARA, TIMIS, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 35 ddb8dcfe6a
[Firefox: 3 hits: 10-22 to 11-05] none[none] none:none
none|none none none

T:08:41:00 WinXP 212.186.123.152 (GISQUADRAT.COM):
UPC TELEKABEL,
VIENNA, WIEN, AT. n/a 139 pcap raw alerts
ruleset ftp
10 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:08:42:00 Win2K-f 86.141.236.89 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
WILMSLOW, ENGLAND, UK. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 23 of 36 b3ce57c019
[Firefox:12 hits: 08-15 to 10-29] none[none] none:none
none|none none none

T:08:47:00 WinXP 90.155.175.66 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a 139 pcap raw alerts
ruleset ftp
13 lines Yeah : 0.8
profile none summary
tarball 27 of 36 e56a7b17f2
NEW none[none] none:none
none|none none none

08:50:00 WinXP 211.236.194.253 (-):
CJ CABLENET PUKINCHEON BROADCASTING CO. LTD,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 cc8840e4b7
[Firefox: 4 hits: 10-20 to 10-28] none[none] none:none
none|none none none

08:55:00 WinXP 190.245.241.116 (-):
. n/a UA:citi-bank.ru
DE:kidos-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:1448 hits: 12-31 to 11-05] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:09:01:00 Win2K-f 78.131.118.169 (-):
EMKTV HATVAN DOCSIS,
HU. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 25 of 36 7c2b50c774
[Firefox:37 hits: 08-01 to 11-05] none[none] none:none
none|none none none

09:04:00 Win2K-f 90.155.180.164 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 22 of 36 f4b810d36b
NEW none[none] none:none
none|none none none

09:06:00 WinXP 84.112.206.168 (SWIPNET.SE):
PROVIDER LOCAL REGISTRY,
SE. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 21 of 36 b724b621a2
[Firefox: 5 hits: 10-26 to 11-05] none[none] none:none
none|none none none

T:09:06:00 Win2K-f 78.97.3.161 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 49d3ae6498
NEW none[none] none:none
none|none none none

T:09:07:00 WinXP 78.155.160.111 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 99797e2b75
[Firefox:10 hits: 09-26 to 10-28] none[none] none:none
none|none none none

09:11:00 WinXP 78.131.105.160 (-):
EMKTV DEBRECEN DOCSIS,
BUCHAREST, BUCURESTI, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 25 of 36 bcae797d03
[Firefox:15 hits: 08-01 to 11-05] none[none] none:none
none|none none none

09:14:00 Win2K-f 85.67.82.17 (-):
FIBERNET,
HU. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 ea38ae2cb2
[Firefox:20 hits: 09-26 to 11-05] none[none] none:none
none|none none none

09:14:00 WinXP 84.112.105.134 (SURFER.AT):
UPC TELEKABEL,
VIENNA, WIEN, AT. (DSL) 63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 32 of 36 94156f67b0
[Firefox:11 hits: 08-15 to 10-28] none[none] none:none
none|none none none

09:15:00 Win2K-f 122.46.159.153 (-):
POWERCOMM,
KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 40813a3f3b
NEW none[none] none:none
none|none none none

09:19:00 WinXP 210.3.86.6 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 2402e86269
NEW none[none] none:none
none|none none none

T:09:20:00 Win2K-f 83.215.216.229 (SALZBURG-ONLINE.AT):
SALZBURG AG PROVIDES INTERNET-SERVICES,
SALZBURG, SALZBURG, AT. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 30 of 36 13b148296b
[Firefox:14 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:09:22:00 WinXP 82.194.133.84 (SALZBURG-ONLINE.AT):
SALZBURG AG PROVIDES INTERNET-SERVICES,
SALZBURG, SALZBURG, AT. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 36 13b148296b
[Firefox:14 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:09:23:00 Win2K-f 119.148.137.146 (-):
. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 25 of 36 bcae797d03
[Firefox:15 hits: 08-01 to 11-05] none[none] none:none
none|none none none

09:25:00 Win2K-f 78.131.86.205 (-):
EMKTV BUDAPEST VLAN 11 DOCSIS,
BUDAPEST, BUDAPEST, HU. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 94156f67b0
[Firefox:11 hits: 08-15 to 10-28] none[none] none:none
none|none none none

T:09:25:00 WinXP 218.191.195.40 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. (DSL) 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 36 114d93b412
[Firefox: 5 hits: 10-22 to 10-29] none[none] none:none
none|none none none

T:09:26:00 WinXP 85.107.184.66 (TTNET.NET.TR):
PROVIDER LOCAL REGISTRY,
IZMIR, IZMIR, TR. (DSL) 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 28 of 36 c3be2ee601
[Firefox: 5 hits: 10-22 to 10-28] none[none] none:none
none|none none none

09:35:00 WinXP 24.71.41.32 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CHILLIWACK, BRITISH COLUMBIA, CA. (DSL) n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
:parex-bank.ru
EU:crutop.nu
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 35 of 36 1e3cef226f
[Firefox: 2 hits: 11-04 to 11-04] none[none] none:none
none|none none none

T:09:37:00 Win2K-f 88.160.80.204 (PROXAD.NET):
PROXAD / FREE SAS,
FR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 74c6c141d8
[Firefox:11 hits: 08-02 to 10-26] none[none] none:none
none|none none none

T:09:39:00 WinXP 78.34.228.176 (NETCOLOGNE.DE):
NETCOLOGNE,
DE. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
EU:kidos-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 33 of 36 08f7a637d6
[Firefox: 3 hits: 11-04 to 11-05] none[none] none:none
none|none none none

09:40:00 Win2K-f 203.223.115.121 (-):
CJ CABLENET PUKINCHEON BROADCASTING CO. LTD,
KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
14 lines Yeah : 1.3
profile none summary
tarball 21 of 36 b724b621a2
[Firefox: 5 hits: 10-26 to 11-05] none[none] none:none
none|none none none

T:09:43:00 Win2K-f 89.136.56.40 (UPCNET.RO):
ASTRAL UPC PLOIESTI,
PLOIESTI, PRAHOVA, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 a7422033a1
NEW none[none] none:none
none|none none none

T:09:44:00 WinXP 88.31.103.94 (RIMA-TDE.NET):
TELEFONICA MOVILES ESPANA (NCC#2007041930),
ES. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 a7422033a1
NEW none[none] none:none
none|none none none

T:09:49:00 WinXP 77.243.220.163 (VARSAT.NET):
GPINETKFT,
HU. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 36 13b148296b
[Firefox:14 hits: 09-26 to 11-05] none[none] none:none
none|none none none

09:50:00 WinXP 86.141.236.89 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
WILMSLOW, ENGLAND, UK. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
19 lines Yeah : 1.3
profile none summary
tarball 23 of 36 b3ce57c019
[Firefox:12 hits: 08-15 to 10-29] none[none] none:none
none|none none none

T:09:54:00 WinXP 88.240.213.106 (TTNET.NET.TR):
TT ADSL-ALCATEL_ACI,
IZMIR, IZMIR, TR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 ead12a6c02
[Firefox:19 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:09:55:00 Win2K-f 116.45.61.69 (-):
LG POWERCOMM,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

09:56:00 Win2K-f 85.67.0.134 (BACS-NET.HU):
FIBERNET COMMUNICATION CO,
BUDAPEST, BUDAPEST, HU. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 36 13b148296b
[Firefox:14 hits: 09-26 to 11-05] none[none] none:none
none|none none none

10:00:00 Win2K-f 86.52.213.233 (REV.STOFANET.DK):
STOFANET-INET-CIDR,
DK. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 32 of 36 94156f67b0
[Firefox:11 hits: 08-15 to 10-28] none[none] none:none
none|none none none

T:10:04:00 Win2K-f 78.96.166.255 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 76b7a2a0ad
[Firefox: 3 hits: 11-05 to 11-05] none[none] none:none
none|none none none

10:06:00 WinXP 212.253.11.165 (SUPERONLINE.COM):
SUPERONLINE INC,
ISTANBUL, ISTANBUL, TR. n/a DE:siliconfireware.ru
GB:welcome3.smile.co.uk
:wpad
CA:www.bmo.com
RU:www.mmbank.ru
RU:www.uniastrum.ru
GB:195.92.84.198:80
DE:212.227.111.29:80
DE:217.11.54.126:80
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 a12cab51ef
[Firefox:611 hits: 01-01 to 11-05] 40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns trace

10:06:00 Win2K-f 122.43.61.89 (-):
POWERCOMM,
KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

10:09:00 Win2K-f 86.52.218.236 (REV.STOFANET.DK):
STOFANET-INET-CIDR,
DK. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 34 e362f1c062
[Firefox:26 hits: 08-15 to 11-05] none[none] none:none
none|none none none

T:10:09:00 Win2K-f 88.188.76.229 (PRESTONAUTO.COM):
PROXAD INTERNET SERVICE PROVIDER IN FRANCE,
FR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 36 6b28308388
[Firefox: 3 hits: 11-05 to 11-05] none[none] none:none
none|none none none

10:14:00 WinXP 75.85.254.111 (RR.COM):
ROAD RUNNER HOLDCO LLC,
HERNDON, VIRGINIA, US. n/a UA:citi-bank.ru
:parex-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:1448 hits: 12-31 to 11-05] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:10:15:00 WinXP 85.121.204.99 (RNC.RO):
RNC,
RO. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 ea38ae2cb2
[Firefox:20 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:10:16:00 WinXP 124.61.247.167 (-):
POWERCOM,
KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 36 1fcccd1ef4
NEW none[none] none:none
none|none none none

T:10:20:00 WinXP 78.97.45.59 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 f4296e2474
NEW none[none] none:none
none|none none none

10:31:00 WinXP 82.231.152.86 (PROXAD.NET):
PROXAD / FREE SAS,
PARIS, ILE-DE-FRANCE, FR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 29 of 36 ea38ae2cb2
[Firefox:20 hits: 09-26 to 11-05] none[none] none:none
none|none none none

10:32:00 WinXP 83.215.104.215 (SALZBURG-ONLINE.AT):
SALZBURG AG PROVIDES INTERNET-SERVICES,
SALZBURG, SALZBURG, AT. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
24 lines Yeah : 1.3
profile none summary
tarball 25 of 36 7c2b50c774
[Firefox:37 hits: 08-01 to 11-05] none[none] none:none
none|none none none

10:32:00 Win2K-f 82.225.81.79 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 35 of 36 8f12c23716
NEW none[none] none:none
none|none none none

10:33:00 Win2K-f 218.191.195.40 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. (DSL) n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 25 of 36 114d93b412
[Firefox: 5 hits: 10-22 to 10-29] none[none] none:none
none|none none none

10:34:00 WinXP 84.237.144.253 (-):
ADDRESS POOL FOR LTC-HOME CUSTOMERS,
RIGA, RIGA, LV. n/a :proxim.ircgalaxy.pl
RU:moscow-advokat.ru
NL:diemen.nl.eu.undernet.org
AT:graz.at.eu.undernet.org
:los-angeles.ca.us.undernet.org
SE:coins.dal.net
US:lia.zanet.net
SE:ced.dal.net
NO:london.uk.eu.undernet.org
:brussels.be.eu.undernet.org
SE:ozbytes.dal.net
:lulea.se.eu.undernet.org
:caen.fr.eu.undernet.org
:washington.dc.us.undernet.org
SE:broadway.ny.us.dal.net
SE:vancouver.dal.net
:gaspode.zanet.org.za
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 805afbac09
[Firefox: 2 hits: 10-31 to 11-02] none[none] none:none
none|none none none

T:10:39:00 Win2K-f 88.27.95.170 (CAMPUSPARTY06.NET):
TELEFONICA DE ESPANA (NCC#2007050901),
ES. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 28 of 36 f561c235d5
NEW none[none] none:none
none|none none none

10:40:00 Win2K-f 85.67.42.224 (-):
FIBERNET,
HU. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 ead12a6c02
[Firefox:19 hits: 09-26 to 11-05] none[none] none:none
none|none none none

10:44:00 WinXP 85.138.218.248 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
ALMADA, SETUBAL, PT. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 cd712316e7
[Firefox: 3 hits: 10-26 to 10-29] none[none] none:none
none|none none none

T:10:49:00 WinXP 124.57.35.121 (-):
POWERCOM,
KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 22 of 36 c16de16ef1
NEW none[none] none:none
none|none none none

T:10:50:00 WinXP 80.108.51.191 (SURFER.AT):
UPC TELEKABEL,
VIENNA, WIEN, AT. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 94156f67b0
[Firefox:11 hits: 08-15 to 10-28] none[none] none:none
none|none none none

T:10:52:00 Win2K-f 77.243.209.116 (GPINET.HU):
GENCSAPATI IP POOL,
HU. n/a 139 pcap raw alerts
ruleset ftp
10 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:10:54:00 WinXP 78.97.43.210 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 ed84068c1f
[Firefox: 2 hits: 11-05 to 11-05] none[none] none:none
none|none none none

T:10:54:00 WinXP 78.97.45.253 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
13 lines Yeah : 1.3
profile none summary
tarball 32 of 36 f4296e2474
NEW none[none] none:none
none|none none none

11:00:00 WinXP 24.85.233.19 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
VANCOUVER, BRITISH COLUMBIA, CA. (DSL) 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 25 of 36 bcae797d03
[Firefox:15 hits: 08-01 to 11-05] none[none] none:none
none|none none none

11:06:00 Win2K-f 82.240.208.113 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 35 1be9d03a2b
[Firefox:26 hits: 07-29 to 10-29] none[none] none:none
none|none none none

11:10:00 Win2K-f 88.170.166.23 (PROXAD.NET):
PROXAD / FREE SAS,
FR. n/a 139 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 34 of 36 e07c702551
NEW none[none] none:none
none|none none none

T:11:11:00 WinXP 151.67.21.233 (38-151.NET24.IT):
IUNET-BNET,
IT. n/a UA:citi-bank.ru
:adult-empire.com
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:1448 hits: 12-31 to 11-05] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:11:11:00 Win2K-f 62.107.29.197 (REV.STOFANET.DK):
STOFANET-AARH-NET,
AALBORG, NORDJYLLAND, DK. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 28 of 36 c3be2ee601
[Firefox: 5 hits: 10-22 to 10-28] none[none] none:none
none|none none none

11:14:00 Win2K-f 118.221.167.144 (-):
. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 31 of 36 e07befe036
NEW none[none] none:none
none|none none none

T:11:14:00 Win2K-f 89.186.134.167 (PRIMACOM.NET):
PRIMACOM-HEADENDS,
LEIPZIG, SACHSEN, DE. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 21 of 36 b724b621a2
[Firefox: 5 hits: 10-26 to 11-05] none[none] none:none
none|none none none

T:11:15:00 Win2K-f 172.164.86.124 (AOL.COM):
AMERICA ONLINE,
US. n/a US:microsoft.com
US:download.microsoft.com 135 pcap raw alerts
ruleset http
115 lines Yeah : 1.3
profile none summary
tarball 30 of 33
0 of 32
29 of 33 3373948767
[Firefox:40 hits: 07-03 to 11-05]
b5919931fe
[Firefox:1071 hits: 06-20 to 11-05]
c73f738c30
[Firefox:40 hits: 07-03 to 11-05] none[none]
b5919931fe[1]
none [none] none:none
ASM:Graph
none:none
none|none
ASProtect|
none|none none
lines=90
none none
trace
none

11:20:00 WinXP 219.250.130.134 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 36 d04ab35d10
NEW none[none] none:none
none|none none none

T:11:24:00 WinXP 85.67.178.237 (-):
FIBERNET,
HU. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 35 of 36 1d988e57e4
[Firefox:15 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:11:29:00 WinXP 79.175.202.55 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
26 lines Yeah : 1.3
profile none summary
tarball 34 of 36 f9fbdd5ce8
[Firefox: 4 hits: 10-22 to 11-05] none[none] none:none
none|none none none

T:11:37:00 WinXP 203.130.177.213 (-):
TAEGU NAMSAN 4-DONG JUNG-GU DAEGU,
TAEGU, KYONGSANG-BUKTO, KR. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
32 lines Yeah : 1.3
profile none summary
tarball 33 of 36 06e2d488ac
NEW none[none] none:none
none|none none none

11:43:00 Win2K-f 86.105.215.151 (XANDRANET.RO):
SC XANDRA SOLUTIONS SRL,
RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 25 of 36 bcae797d03
[Firefox:15 hits: 08-01 to 11-05] none[none] none:none
none|none none none

11:45:00 Win2K-f 79.175.205.216 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 32 of 36 5a38a2e599
NEW none[none] none:none
none|none none none

T:11:49:00 WinXP 82.240.208.113 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 25 of 35 1be9d03a2b
[Firefox:26 hits: 07-29 to 10-29] none[none] none:none
none|none none none

T:11:51:00 Win2K-f 218.53.217.226 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 35 of 36 aab2c4c235
NEW none[none] none:none
none|none none none

T:11:54:00 WinXP 78.97.0.211 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 34 of 36 4462fe60b2
NEW none[none] none:none
none|none none none

11:57:00 WinXP 211.210.240.241 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 30 of 36 07bf4c374e
NEW none[none] none:none
none|none none none

T:12:00:00 WinXP 78.131.12.30 (-):
EMKTV BUDAPEST VLAN 10 DOCSIS,
BUDAPEST, BUDAPEST, HU. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 25 of 36 bcae797d03
[Firefox:15 hits: 08-01 to 11-05] none[none] none:none
none|none none none

T:12:01:00 WinXP 79.175.248.138 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 34 of 36 3a322fdf34
[Firefox:12 hits: 09-26 to 11-05] none[none] none:none
none|none none none

12:03:00 WinXP 116.45.55.110 (-):
LG POWERCOMM,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

12:05:00 Win2K-f 78.154.135.154 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 28 of 35 3f4f3c33fe
[Firefox: 3 hits: 10-28 to 11-05] none[none] none:none
none|none none none

12:08:00 Win2K-f 86.105.125.144 (-):
SC HQS SRL,
CLUJ-NAPOCA, CLUJ, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
13 lines Yeah : 1.3
profile none summary
tarball 29 of 34 e362f1c062
[Firefox:26 hits: 08-15 to 11-05] none[none] none:none
none|none none none

12:11:00 WinXP 74.141.72.130 (INSIGHTBB.COM):
INSIGHT COMMUNICATIONS COMPANY L.P,
LOUISVILLE, KENTUCKY, US. n/a RU:moscow-advokat.ru
:lulea.se.eu.undernet.org
:los-angeles.ca.us.undernet.org
:brussels.be.eu.undernet.org
US:lia.zanet.net
SE:ced.dal.net
NL:diemen.nl.eu.undernet.org
:gaspode.zanet.org.za
:flanders.be.eu.undernet.org
SE:vancouver.dal.net
SE:broadway.ny.us.dal.net
SE:ozbytes.dal.net
SE:coins.dal.net
SE:qis.md.us.dal.net
:washington.dc.us.undernet.org
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 25 of 25 7f60162c2c
[Firefox:839 hits: 12-31 to 11-05] 1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns trace

T:12:19:00 WinXP 89.195.129.162 (-):
ORANGE,
UK. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 35 of 36 7f95550815
NEW none[none] none:none
none|none none none

T:12:20:00 WinXP 145.116.16.91 (DE.KEY.INVALID):
WOONSTICHTING DE KEY,
AMSTERDAM, NOORD-HOLLAND, NL. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 34 of 36 a7422033a1
NEW none[none] none:none
none|none none none

T:12:20:00 Win2K-f 78.155.200.60 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 33 of 36 e5dab5f4ec
[Firefox:14 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:12:25:00 WinXP 88.251.232.80 (TTNET.NET.TR):
TT ADSL-ALCATEL DYNAMIC_ACI,
MANISA, MANISA, TR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 32 of 36 ca172c3868
[Firefox: 5 hits: 10-22 to 11-05] none[none] none:none
none|none none none

T:12:26:00 Win2K-f 82.225.116.167 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 35 of 36 61263eadec
NEW none[none] none:none
none|none none none

T:12:29:00 WinXP 78.51.70.85 (ALICEDSL.DE):
HANSENET TELEKOMMUNIKATION GMBH,
HAMBURG, HAMBURG, DE. (DSL) 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 33 of 36 e5dab5f4ec
[Firefox:14 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:12:31:00 Win2K-f 88.180.69.180 (PROXAD.NET):
PROXAD / FREE SAS,
FR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
19 lines Yeah : 1.3
profile none summary
tarball 30 of 36 9d31d168bd
[Firefox:11 hits: 10-20 to 11-05] none[none] none:none
none|none none none

T:12:32:00 WinXP 83.215.12.162 (SALZBURG-ONLINE.AT):
SALZBURG AG PROVIDES INTERNET-SERVICES,
SALZBURG, SALZBURG, AT. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 30 of 36 13b148296b
[Firefox:14 hits: 09-26 to 11-05] none[none] none:none
none|none none none

12:34:00 WinXP 210.221.92.23 (-):
THRUNET CO. LTD,
KOTA KINABALU, SABAH, MY. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 34 of 36 70022553db
NEW none[none] none:none
none|none none none

T:12:34:00 WinXP 90.155.139.231 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 23 of 36 ae8ca7b450
NEW none[none] none:none
none|none none none

12:37:00 Win2K-f 61.224.132.47 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
KAOHSIUNG, KAO-HSIUNG, TW. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 20 of 32 f12583a6d2
[Firefox:118 hits: 07-13 to 11-05] none[none] none:none
none|none none none

12:41:00 WinXP 84.112.116.202 (SURFER.AT):
UPC TELEKABEL,
VIENNA, WIEN, AT. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 26 of 35 89d021262b
[Firefox:24 hits: 07-29 to 10-28] none[none] none:none
none|none none none

12:47:00 Win2K-f 83.103.134.117 (ASTRAL.RO):
ASTRAL-CJ-DOCSIS,
CLUJ-NAPOCA, CLUJ, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 31 of 35 ddb8dcfe6a
[Firefox: 3 hits: 10-22 to 11-05] none[none] none:none
none|none none none

12:54:00 WinXP 89.136.24.166 (UPCNET.RO):
ASTRAL-UPC ROMAN,
TIMISOARA, TIMIS, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 918355cad9
[Firefox: 8 hits: 10-26 to 11-05] none[none] none:none
none|none none none

12:57:00 Win2K-f 85.186.0.20 (ASTRAL.RO):
ASTRAL CLUJ-NAPOCA DOCSIS,
CLUJ-NAPOCA, CLUJ, RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 33 of 36 17e0d9aa63
[Firefox: 4 hits: 10-22 to 11-05] none[none] none:none
none|none none none

T:13:02:00 WinXP 89.32.97.42 (KB.RO):
SC INTERNET ISP SRL,
PITESTI, ARGES, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 33 of 36 17e0d9aa63
[Firefox: 4 hits: 10-22 to 11-05] none[none] none:none
none|none none none

13:05:00 Win2K-f 83.103.137.153 (ASTRAL.RO):
ASTRAL CLUJ TURDA DOCSIS,
TURDA, CLUJ, RO. (100Mbps) 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 34 e362f1c062
[Firefox:26 hits: 08-15 to 11-05] none[none] none:none
none|none none none

13:13:00 Win2K-f 88.165.241.146 (PROXAD.NET):
PROXAD / FREE SAS,
FR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 36 ea39b7911d
[Firefox:20 hits: 08-15 to 10-28] none[none] none:none
none|none none none

13:14:00 Win2K-f 82.225.184.181 (PROXAD.NET):
PROXAD / FREE SAS,
MONTPELLIER, LANGUEDOC-ROUSSILLON, FR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 35 of 36 4efc3b4f82
NEW none[none] none:none
none|none none none

T:13:15:00 WinXP 123.204.143.244 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 b1c85cee4b
[Firefox:10 hits: 10-27 to 11-03] none[none] none:none
none|none none none

13:17:00 WinXP 123.204.143.244 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 34 of 36 b1c85cee4b
[Firefox:10 hits: 10-27 to 11-03] none[none] none:none
none|none none none

T:13:19:00 WinXP 88.162.163.132 (PROXAD.NET):
PROXAD / FREE SAS,
FR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
14 lines Yeah : 1.3
profile none summary
tarball 25 of 36 bcae797d03
[Firefox:15 hits: 08-01 to 11-05] none[none] none:none
none|none none none

T:13:21:00 WinXP 85.186.165.149 (ASTRAL.RO):
ASTRAL-BR-AIPA,
RO. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 36 6b28308388
[Firefox: 3 hits: 11-05 to 11-05] none[none] none:none
none|none none none

T:13:23:00 Win2K-f 78.96.169.174 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 27 of 35 e019377a4f
[Firefox: 3 hits: 10-28 to 11-05] none[none] none:none
none|none none none

T:13:26:00 Win2K-f 83.228.82.100 (FANBG.NET):
BULGARIAN TELECOMMUNICATIONS COMPANY PLC,
BG. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 ea38ae2cb2
[Firefox:20 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:13:26:00 WinXP 88.108.113.162 (AS9105.COM):
TISCALI UK LTD,
LONDON, ENGLAND, UK. (DSL) 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 625144cee4
[Firefox:19 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:13:28:00 Win2K-f 89.122.128.131 (PLATINUMGROUP.RO):
ARTELECOM,
RO. (DSL) 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 99797e2b75
[Firefox:10 hits: 09-26 to 10-28] none[none] none:none
none|none none none

13:30:00 WinXP 83.213.18.17 (CLIENTES.EUSKALTEL.ES):
GLOBAL TELECOMMUNICATION SERVICE PROVIDER,
BILBAO, PAIS VASCO, ES. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
:adult-empire.com
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 f3f1ed8b36
[Firefox: 8 hits: 11-02 to 11-05] none[none] none:none
none|none none none

13:31:00 WinXP 89.137.245.179 (-):
ASTRAL TIMISOARA DOCSIS NETWORK,
TIMISOARA, TIMIS, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.3
profile none summary
tarball 31 of 35 ddb8dcfe6a
[Firefox: 3 hits: 10-22 to 11-05] none[none] none:none
none|none none none

T:13:34:00 WinXP 221.125.215.192 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HK. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 625144cee4
[Firefox:19 hits: 09-26 to 11-05] none[none] none:none
none|none none none

13:35:00 Win2K-f 89.137.164.39 (-):
ASTRAL MIOVENI DOCSIS NETWORK,
RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 33 of 36 8e96b2ccbc
[Firefox: 3 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:13:39:00 WinXP 98.175.167.206 (-):
. n/a US:microsoft.com
US:download.microsoft.com
US:8.12.202.125:80 135 pcap raw alerts
ruleset http
77 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32
0 of 33 53bfe15e91
[Firefox:3764 hits: 06-17 to 11-05]
73f1082158
[Firefox:1872 hits: 06-18 to 11-05]
e07c29c4ae
[Firefox:798 hits: 06-19 to 11-05] none[4]
73f1082158[1]
e07c29c4ae[1] none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
FSG| none
lines=81
lines=92 trace
trace
trace

13:41:00 Win2K-f 86.105.240.10 (MURY.RO):
SC NEW COM TELECOMUNICATII SA,
RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 32 of 36 94156f67b0
[Firefox:11 hits: 08-15 to 10-28] none[none] none:none
none|none none none

13:42:00 Win2K-f 85.14.73.144 (NET.PL):
AKKNET NETWORK,
PL. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 ead12a6c02
[Firefox:19 hits: 09-26 to 11-05] none[none] none:none
none|none none none

13:46:00 Win2K-f 88.173.229.69 (PROXAD.NET):
PROXAD / FREE SAS,
FR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 28 of 36 c3be2ee601
[Firefox: 5 hits: 10-22 to 10-28] none[none] none:none
none|none none none

T:13:49:00 Win2K-f 116.46.248.107 (-):
LG POWERCOMM,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 3a322fdf34
[Firefox:12 hits: 09-26 to 11-05] none[none] none:none
none|none none none

13:50:00 WinXP 83.197.220.216 (ABO.WANADOO.FR):
IP2000-ADSL-BAS,
CANNES, PROVENCE-ALPES-COTE D'AZUR, FR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 32 of 36 94156f67b0
[Firefox:11 hits: 08-15 to 10-28] none[none] none:none
none|none none none

13:50:00 WinXP 222.232.36.173 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 29 of 36 66fbb8d9f4
NEW none[none] none:none
none|none none none

13:55:00 WinXP 89.137.183.6 (-):
ASTRAL PLOIESTI DOCSIS NETWORK,
PLOIESTI, PRAHOVA, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 35 of 36 c37468ce14
NEW none[none] none:none
none|none none none

T:13:55:00 WinXP 218.238.180.68 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 33 of 36 17e0d9aa63
[Firefox: 4 hits: 10-22 to 11-05] none[none] none:none
none|none none none

T:14:01:00 Win2K-f 84.112.116.202 (SURFER.AT):
UPC TELEKABEL,
VIENNA, WIEN, AT. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 26 of 35 89d021262b
[Firefox:24 hits: 07-29 to 10-28] none[none] none:none
none|none none none

T:14:11:00 WinXP 218.236.160.114 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 36 7c2b50c774
[Firefox:37 hits: 08-01 to 11-05] none[none] none:none
none|none none none

T:14:11:00 Win2K-f 82.240.67.232 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none af222ae6db
[Firefox:14 hits: 08-15 to 10-29] none[none] none:none
none|none none none

T:14:14:00 WinXP 212.10.34.198 (REV.STOFANET.DK):
TELIA STOFA A/S,
SLAGELSE, VESTSJALLAND, DK. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 20 of 32 f12583a6d2
[Firefox:118 hits: 07-13 to 11-05] none[none] none:none
none|none none none

T:14:14:00 Win2K-f 93.88.18.197 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 ead12a6c02
[Firefox:19 hits: 09-26 to 11-05] none[none] none:none
none|none none none

14:24:00 WinXP 85.108.205.113 (TTNET.NET.TR):
TURK TELEKOM ADSL-ALCATEL,
ISTANBUL, ISTANBUL, TR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
28 lines Yeah : 1.3
profile none summary
tarball 30 of 36 44ea4d3c7c
[Firefox:17 hits: 09-26 to 10-29] none[none] none:none
none|none none none

14:24:00 WinXP 79.175.202.55 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 34 of 36 f9fbdd5ce8
[Firefox: 4 hits: 10-22 to 11-05] none[none] none:none
none|none none none

T:14:29:00 WinXP 211.179.171.217 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 94156f67b0
[Firefox:11 hits: 08-15 to 10-28] none[none] none:none
none|none none none

14:31:00 Win2K-f 212.10.34.198 (REV.STOFANET.DK):
TELIA STOFA A/S,
SLAGELSE, VESTSJALLAND, DK. 63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
19 lines Yeah : 1.3
profile none summary
tarball 20 of 32 f12583a6d2
[Firefox:118 hits: 07-13 to 11-05] none[none] none:none
none|none none none

T:14:32:00 WinXP 89.137.183.6 (-):
ASTRAL PLOIESTI DOCSIS NETWORK,
PLOIESTI, PRAHOVA, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 35 of 36 c37468ce14
NEW none[none] none:none
none|none none none

T:14:33:00 Win2K-f 89.136.24.166 (UPCNET.RO):
ASTRAL-UPC ROMAN,
TIMISOARA, TIMIS, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 918355cad9
[Firefox: 8 hits: 10-26 to 11-05] none[none] none:none
none|none none none

14:36:00 Win2K-f 122.217.94.98 (UCOM.NE.JP):
UCOM CORP,
JP. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 26 of 35 50649fc087
[Firefox:21 hits: 07-29 to 11-05] none[none] none:none
none|none none none

14:36:00 Win2K-f 58.239.169.32 (-):
THRUNET-INFRA-BUSAN18,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 32 of 36 3eeb212cb1
[Firefox: 6 hits: 10-22 to 11-05] none[none] none:none
none|none none none

14:38:00 Win2K-f 78.131.26.6 (-):
EMKTV BUDAPEST VLAN 06 DOCSIS,
BUDAPEST, BUDAPEST, HU. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 21 of 36 d73bdf4a0e
[Firefox: 8 hits: 10-27 to 11-05] none[none] none:none
none|none none none

14:38:00 WinXP 79.78.213.235 (AS9105.COM):
TELINCO,
UK. 63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 34 of 36 f9fbdd5ce8
[Firefox: 4 hits: 10-22 to 11-05] none[none] none:none
none|none none none

T:14:40:00 Win2K-f 212.186.208.102 (SURFER.AT):
UPC TELEKABEL,
VIENNA, WIEN, AT. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 36 28b1bbe949
[Firefox:15 hits: 10-20 to 11-05] none[none] none:none
none|none none none

T:14:47:00 WinXP 24.85.5.229 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. (DSL) 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 35 d142a982d2
[Firefox:27 hits: 08-15 to 11-05] none[none] none:none
none|none none none

T:14:49:00 WinXP 79.110.121.40 (G-M-I.NET):
EU-ZZ,
UK. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
DE:kidos-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 34 of 36 f3f1ed8b36
[Firefox: 8 hits: 11-02 to 11-05] none[none] none:none
none|none none none

14:50:00 WinXP 79.110.121.40 (G-M-I.NET):
EU-ZZ,
UK. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
EU:kidos-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 f3f1ed8b36
[Firefox: 8 hits: 11-02 to 11-05] none[none] none:none
none|none none none

14:52:00 WinXP 218.235.16.253 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 34 of 36 b376d8303e
NEW none[none] none:none
none|none none none

14:54:00 WinXP 77.57.72.32 (SOLPA.NET):
CABLECOM,
ZURICH, ZURICH, CH. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
DE:kidos-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 35 of 36 26c6e84d5a
NEW none[none] none:none
none|none none none

14:55:00 Win2K-f 85.186.115.191 (-):
ASTRAL MANGALIA DOCSIS,
RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 625144cee4
[Firefox:19 hits: 09-26 to 11-05] none[none] none:none
none|none none none

15:01:00 WinXP 78.97.137.73 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO. 63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 28 of 36 f1a2a263ef
[Firefox: 2 hits: 10-20 to 10-20] none[none] none:none
none|none none none

15:02:00 Win2K-f 84.112.185.179 (SURFER.AT):
PROVIDER LOCAL REGISTRY,
VIENNA, WIEN, AT. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 30 of 36 44ea4d3c7c
[Firefox:17 hits: 09-26 to 10-29] none[none] none:none
none|none none none

T:15:10:00 Win2K-f 80.85.105.95 (VODAFONE.COM.MT):
VODAFONE MALTA,
MT. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 625144cee4
[Firefox:19 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:15:14:00 WinXP 83.97.192.206 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 d4eed7b000
[Firefox: 2 hits: 11-03 to 11-03] none[none] none:none
none|none none none

T:15:19:00 WinXP 83.215.85.157 (SALZBURG-ONLINE.AT):
SALZBURG AG PROVIDES INTERNET-SERVICES,
SALZBURG, SALZBURG, AT. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 21 of 36 d73bdf4a0e
[Firefox: 8 hits: 10-27 to 11-05] none[none] none:none
none|none none none

T:15:20:00 Win2K-f 58.233.231.123 (-):
THRUNET-INFRA-SEOUL14,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 812025bc54
[Firefox: 4 hits: 10-29 to 11-05] none[none] none:none
none|none none none

15:20:00 Win2K-f 219.241.62.49 (HANANET.NET):
HANARO TELECOM INC,
KUNP'O, KYONGGI-DO, KR. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 35 47c090fc98
NEW none[none] none:none
none|none none none

15:21:00 WinXP 83.97.192.206 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
DE:kidos-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 d4eed7b000
[Firefox: 2 hits: 11-03 to 11-03] none[none] none:none
none|none none none

T:15:21:00 WinXP 58.226.181.4 (HANANET.NET):
HANARO TELECOM INC,
KR. (DSL) 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 2b2342b5c2
NEW none[none] none:none
none|none none none

T:15:24:00 Win2K-f 123.111.199.141 (-):
HANARO TELECOM,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 33 of 34 c50e298b27
[Firefox: 4 hits: 10-26 to 10-28] none[none] none:none
none|none none none

15:26:00 WinXP 211.253.229.229 (KRLINE.NET):
KRNIC,
KR. 63.173.172.98:6668 :proxima.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 35 of 36 4264cb2c1c
NEW none[none] none:none
none|none none none

T:15:29:00 Win2K-f 85.108.90.200 (TTNET.NET.TR):
TURK TELEKOM ADSL-ALCATEL,
ISTANBUL, ISTANBUL, TR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 32 of 36 ca172c3868
[Firefox: 5 hits: 10-22 to 11-05] none[none] none:none
none|none none none

T:15:30:00 WinXP 61.216.245.204 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 34 e362f1c062
[Firefox:26 hits: 08-15 to 11-05] none[none] none:none
none|none none none

15:31:00 WinXP 58.233.56.208 (-):
THRUNET-INFRA-SEOUL14,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 29 of 36 38e06b93d4
NEW none[none] none:none
none|none none none

T:15:33:00 WinXP 218.237.193.93 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 33 of 36 e5dab5f4ec
[Firefox:14 hits: 09-26 to 11-05] none[none] none:none
none|none none none

15:36:00 Win2K-f 58.234.157.226 (-):
THRUNET-INFRA-SEOUL16,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 ead12a6c02
[Firefox:19 hits: 09-26 to 11-05] none[none] none:none
none|none none none

15:41:00 Win2K-f 211.124.165.105 (ZAQ.NE.JP):
HOKUSETSU CABLE NET CO. LTD,
JP. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 23 of 36 9d5d0ad83c
[Firefox: 7 hits: 08-15 to 11-05] none[none] none:none
none|none none none

T:15:44:00 WinXP 61.229.127.46 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

15:49:00 WinXP 61.221.167.96 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:microsoft.com
US:download.microsoft.com
US:204.160.104.126:80 135 pcap raw alerts
ruleset http
96 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 33 53bfe15e91
[Firefox:3764 hits: 06-17 to 11-05]
57ce4acac2
[Firefox:324 hits: 06-17 to 11-05] none[4]
57ce4acac2[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

T:15:50:00 Win2K-f 222.232.132.117 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 33 of 36 413c9ac28b
[Firefox:12 hits: 09-26 to 11-05] none[none] none:none
none|none none none

15:51:00 Win2K-f 212.233.243.15 (-):
NTL,
FR. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 135 pcap raw alerts
ruleset irc
6 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

15:51:00 Win2K-f 62.178.234.63 (SURFER.AT):
UPC TELEKABEL,
VIENNA, WIEN, AT. (DSL) 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 33 of 36 413c9ac28b
[Firefox:12 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:15:58:00 Win2K-f 122.31.253.5 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 26 of 35 89d021262b
[Firefox:24 hits: 07-29 to 10-28] none[none] none:none
none|none none none

15:58:00 WinXP 83.100.186.1 (KCOM.COM):
ADSLMODEMPOOL-KCOM,
KINGSTON UPON HULL, ENGLAND, UK. (DSL) 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
26 lines Yeah : 1.3
profile none summary
tarball 30 of 36 13b148296b
[Firefox:14 hits: 09-26 to 11-05] none[none] none:none
none|none none none

16:00:00 WinXP 58.230.148.8 (-):
THRUNET-INFRA-SEOUL02,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 22 of 36 85b3516811
NEW none[none] none:none
none|none none none

T:16:01:00 WinXP 4.244.222.158 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
US. (DIAL) n/a DE:siliconfireware.ru
US:searchportal.information.com
:www.proxy-socks.net
:wpad
DE:ebookfinaltrash.ru
RU:www.vtb.ru
US:208.73.210.121:80
DE:217.11.54.126:80
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
http
http
3 lines Yeah : 0.8
profile none summary
tarball 29 of 29 a12cab51ef
[Firefox:611 hits: 01-01 to 11-05] 40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns trace

T:16:05:00 Win2K-f 218.235.16.253 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 b376d8303e
NEW none[none] none:none
none|none none none

T:16:08:00 Win2K-f 58.233.209.147 (-):
THRUNET-INFRA-SEOUL14,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 31 of 36 28b1bbe949
[Firefox:15 hits: 10-20 to 11-05] none[none] none:none
none|none none none

16:17:00 WinXP 120.143.161.40 (-):
. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 31 of 34 aa268ff3a9
[Firefox:18 hits: 08-15 to 11-05] none[none] none:none
none|none none none

T:16:24:00 WinXP 217.203.25.147 (-):
TELECOM ITALIA MOBILE,
IT. n/a UA:citi-bank.ru
:adult-empire.com
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 97afa4f2dc
[Firefox: 5 hits: 10-11 to 10-31] none[none] none:none
none|none none none

16:24:00 WinXP 61.4.223.136 (-):
CJ CABLENET PUKINCHEON BROADCASTING,
INCHON, KYONGGI-DO, KR. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 34 of 36 333c43d31b
NEW none[none] none:none
none|none none none

16:26:00 Win2K-f 61.192.66.52 (ZAQ.NE.JP):
CABLENET KOBE ASHIYA CO. LTD,
KOBE, HYOGO, JP. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 74c6c141d8
[Firefox:11 hits: 08-02 to 10-26] none[none] none:none
none|none none none

T:16:26:00 Win2K-f 221.139.28.102 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 33 of 35 8f0a361a9b
[Firefox: 2 hits: 10-28 to 10-28] none[none] none:none
none|none none none

16:26:00 Win2K-f 211.213.82.53 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 25 of 35 7377a34aeb
[Firefox:19 hits: 07-27 to 10-28] none[none] none:none
none|none none none

T:16:27:00 WinXP 218.37.231.182 (-):
HANVITINB-INFRA,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 789630775d
NEW none[none] none:none
none|none none none

16:27:00 Win2K-f 122.124.131.180 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 31 of 34 aa268ff3a9
[Firefox:18 hits: 08-15 to 11-05] none[none] none:none
none|none none none

T:16:33:00 WinXP 221.141.203.71 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 99797e2b75
[Firefox:10 hits: 09-26 to 10-28] none[none] none:none
none|none none none

16:35:00 WinXP 211.186.221.228 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 33 of 34 c50e298b27
[Firefox: 4 hits: 10-26 to 10-28] none[none] none:none
none|none none none

T:16:39:00 Win2K-f 211.213.238.249 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 33 of 34 c50e298b27
[Firefox: 4 hits: 10-26 to 10-28] none[none] none:none
none|none none none

T:16:53:00 Win2K-f 211.212.80.72 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 99797e2b75
[Firefox:10 hits: 09-26 to 10-28] none[none] none:none
none|none none none

T:16:55:00 Win2K-f 72.243.205.59 (-):
SHENTEL CONVERGED SERVICES,
DURHAM, NORTH CAROLINA, US. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 24 of 36 31f5dd22e3
NEW none[none] none:none
none|none none none

T:16:55:00 WinXP 88.27.95.170 (CAMPUSPARTY06.NET):
TELEFONICA DE ESPANA (NCC#2007050901),
ES. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 28 of 36 f561c235d5
NEW none[none] none:none
none|none none none

T:16:58:00 WinXP 115.138.77.184 (-):
. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 36 7c2b50c774
[Firefox:37 hits: 08-01 to 11-05] none[none] none:none
none|none none none

16:59:00 WinXP 74.210.246.133 (-):
. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 24 of 36 c4993f56c8
NEW none[none] none:none
none|none none none

17:02:00 Win2K-f 211.108.16.31 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 e084c9803e
NEW none[none] none:none
none|none none none

T:17:04:00 WinXP 218.191.199.109 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. (DSL) 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 35 ac25ac39b4
[Firefox: 6 hits: 10-21 to 10-29] none[none] none:none
none|none none none

17:06:00 Win2K-f 211.203.203.108 (HANANET.NET):
HANARO TELECOM INC,
KR. n/a 139 pcap raw alerts
ruleset ftp
19 lines Yeah : 0.8
profile none summary
tarball 21 of 36 7369c19a04
NEW none[none] none:none
none|none none none

17:10:00 WinXP 219.115.32.235 (ZAQ.NE.JP):
J-COM KANSAI CO. LTD,
JP. 63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
21 lines Yeah : 1.3
profile none summary
tarball 25 of 36 b7c1db8be3
NEW none[none] none:none
none|none none none

T:17:11:00 Win2K-f 119.148.129.39 (-):
. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 33 of 36 8e96b2ccbc
[Firefox: 3 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:17:16:00 WinXP 218.237.159.84 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 33 of 34 c50e298b27
[Firefox: 4 hits: 10-26 to 10-28] none[none] none:none
none|none none none

T:17:18:00 Win2K-f 219.241.62.49 (HANANET.NET):
HANARO TELECOM INC,
KUNP'O, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 35 47c090fc98
NEW none[none] none:none
none|none none none

T:17:18:00 Win2K-f 199.2.124.19 (SPRINTLINK.NET):
SPRINT,
US. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 ead12a6c02
[Firefox:19 hits: 09-26 to 11-05] none[none] none:none
none|none none none

17:21:00 WinXP 58.239.110.46 (-):
THRUNET-INFRA-BUSAN18,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 29 of 36 5daac7f4a5
[Firefox: 3 hits: 10-20 to 10-29] none[none] none:none
none|none none none

17:25:00 WinXP 98.135.163.35 (-):
. n/a UA:citi-bank.ru
:parex-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 36 of 36 b872c76081
[Firefox:71 hits: 09-13 to 11-05] none[none] none:none
none|none none none

17:26:00 Win2K-f 211.207.35.167 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
13 lines Yeah : 0.8
profile none summary
tarball 31 of 36 ea39b7911d
[Firefox:20 hits: 08-15 to 10-28] none[none] none:none
none|none none none

T:17:26:00 WinXP 98.135.163.35 (-):
. n/a UA:citi-bank.ru
:adult-empire.com
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 36 of 36 b872c76081
[Firefox:71 hits: 09-13 to 11-05] none[none] none:none
none|none none none

T:17:29:00 WinXP 123.111.87.108 (-):
HANARO TELECOM,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball none af222ae6db
[Firefox:14 hits: 08-15 to 10-29] none[none] none:none
none|none none none

17:36:00 WinXP 24.71.41.32 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CHILLIWACK, BRITISH COLUMBIA, CA. (DSL) 194.54.90.246:80 :proxim.ircgalaxy.pl
UA:citi-bank.ru
:adult-empire.com 445 pcap raw alerts
ruleset http
3 lines Yeah : 1.3
profile none summary
tarball 35 of 36 1e3cef226f
[Firefox: 2 hits: 11-04 to 11-04] none[none] none:none
none|none none none

17:37:00 WinXP 4.252.30.6 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
CHICAGO, ILLINOIS, US. (DIAL) n/a 135 pcap raw alerts
ruleset other
18 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:17:39:00 WinXP 200.117.120.62 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. n/a RU:moscow-advokat.ru
:gaspode.zanet.org.za
SE:ced.dal.net
:washington.dc.us.undernet.org
:lulea.se.eu.undernet.org
US:lia.zanet.net
AT:graz.at.eu.undernet.org
NO:london.uk.eu.undernet.org
SE:qis.md.us.dal.net
:los-angeles.ca.us.undernet.org
SE:vancouver.dal.net
:brussels.be.eu.undernet.org
:caen.fr.eu.undernet.org
SE:coins.dal.net
SE:viking.dal.net
:flanders.be.eu.undernet.org
SE:ozbytes.dal.net
NL:diemen.nl.eu.undernet.org
SE:broadway.ny.us.dal.net 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 35 of 36 f4bffb9e96
NEW none[none] none:none
none|none none none

T:17:40:00 Win2K-f 58.75.213.57 (-):
DACOM CORPORATION,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 20 of 36 3e9430eb7e
NEW none[none] none:none
none|none none none

17:41:00 Win2K-f 125.230.196.178 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 21 of 36 d73bdf4a0e
[Firefox: 8 hits: 10-27 to 11-05] none[none] none:none
none|none none none

T:17:57:00 WinXP 121.72.229.155 (TELSTRACLEAR.NET):
TELSTRACLEAR CHRISTCHURCH CABLE CUSTOMERS,
WELLINGTON, WELLINGTON, NZ. (DSL) n/a US:microsoft.com
US:download.microsoft.com
US:199.93.53.125:80
US:206.33.45.125:80
US:207.123.47.126:80 135 pcap raw alerts
ruleset other
348 lines Yeah : 1.3
profile none summary
tarball 32 of 36
34 of 36 7f89b38665
[Firefox:32 hits: 08-02 to 10-29]
a51a50404e
[Firefox:32 hits: 08-02 to 10-29] none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

T:18:01:00 WinXP 61.216.49.97 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 35 d142a982d2
[Firefox:27 hits: 08-15 to 11-05] none[none] none:none
none|none none none

18:06:00 WinXP 61.99.65.149 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
PUSAN, PUSAN-GWANGYOKSI, KR. 63.173.172.98:6668 :proxima.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 35 of 36 6acdefc975
NEW none[none] none:none
none|none none none

18:07:00 Win2K-f 114.200.149.110 (-):
. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 115404b48a
NEW none[none] none:none
none|none none none

18:07:00 Win2K-f 58.233.231.123 (-):
THRUNET-INFRA-SEOUL14,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 812025bc54
[Firefox: 4 hits: 10-29 to 11-05] none[none] none:none
none|none none none

T:18:09:00 WinXP 92.41.111.35 (IKBCC.COM):
EU-ZZ,
UK. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 35 2b78d6647e
NEW none[none] none:none
none|none none none

T:18:09:00 Win2K-f 58.77.99.36 (-):
POW-HFC-KANGNAM,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:18:10:00 Win2K-f 218.167.74.239 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 35 of 36 1d988e57e4
[Firefox:15 hits: 09-26 to 11-05] none[none] none:none
none|none none none

18:10:00 WinXP 210.205.163.97 (-):
THRUNET CO. LTD,
KOTA KINABALU, SABAH, MY. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 21 of 34 cc1d7191b0
NEW none[none] none:none
none|none none none

T:18:14:00 WinXP 58.234.80.214 (-):
THRUNET-INFRA-SEOUL15,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 29f48b8b06
[Firefox: 2 hits: 10-28 to 10-28] none[none] none:none
none|none none none

18:15:00 WinXP 119.65.4.118 (-):
. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 34 of 36 ee89f73b61
NEW none[none] none:none
none|none none none

T:18:17:00 Win2K-f 211.186.221.228 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 33 of 34 c50e298b27
[Firefox: 4 hits: 10-26 to 10-28] none[none] none:none
none|none none none

18:17:00 Win2K-f 221.143.97.37 (GUTZWILLER.CH):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 c8e3f53f50
[Firefox: 2 hits: 10-27 to 10-27] none[none] none:none
none|none none none

18:23:00 Win2K-f 218.36.66.120 (KRLINE.NET):
KRLINE INTERNET SERVICE INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 f9fbdd5ce8
[Firefox: 4 hits: 10-22 to 11-05] none[none] none:none
none|none none none

T:18:25:00 WinXP 58.232.201.129 (-):
THRUNET-INFRA-GANGWON09,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 36 75cfbfa70a
NEW none[none] none:none
none|none none none

18:31:00 WinXP 12.197.248.132 (HYPERUSA.COM):
NETWORK USA,
NATCHITOCHES, LOUISIANA, US. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
:parex-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 10c3e12a46
[Firefox: 6 hits: 11-01 to 11-05] none[none] none:none
none|none none none

18:32:00 WinXP 68.149.149.240 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
EDMONTON, ALBERTA, CA. (DSL) n/a UA:citi-bank.ru
:adult-empire.com
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 34 of 35 9a5473abde
NEW none[none] none:none
none|none none none

T:18:32:00 WinXP 124.62.155.30 (-):
POWERCOM,
KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:18:37:00 WinXP 68.149.149.240 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
EDMONTON, ALBERTA, CA. (DSL) n/a UA:citi-bank.ru
:adult-empire.com
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 35 9a5473abde
NEW none[none] none:none
none|none none none

18:40:00 WinXP 72.0.185.234 (BENDBROADBAND.COM):
BEND CABLE COMMUNICATIONS LLC,
BEND, OREGON, US. n/a 139 pcap raw alerts
ruleset ftp
10 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:18:42:00 Win2K-f 211.186.7.222 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 31 of 34 aa268ff3a9
[Firefox:18 hits: 08-15 to 11-05] none[none] none:none
none|none none none

18:42:00 Win2K-f 58.239.230.25 (-):
THRUNET-INFRA-BUSAN18,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 028f316535
NEW none[none] none:none
none|none none none

18:45:00 Win2K-f 118.217.74.127 (-):
. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 30 of 36 2d146934f1
[Firefox: 2 hits: 09-26 to 10-21] none[none] none:none
none|none none none

T:18:47:00 Win2K-f 125.224.152.217 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 3a322fdf34
[Firefox:12 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:18:48:00 WinXP 222.252.182.206 (LOCALHOST):
VIETNAM TELECOM NATIONAL,
VN. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 27 of 36 2762102c9a
NEW none[none] none:none
none|none none none

18:49:00 Win2K-f 211.178.211.152 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 26 of 35 50649fc087
[Firefox:21 hits: 07-29 to 11-05] none[none] none:none
none|none none none

18:50:00 WinXP 221.138.237.68 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 43e6fa16c4
NEW none[none] none:none
none|none none none

T:18:54:00 WinXP 119.148.143.101 (-):
. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 33 of 36 e5dab5f4ec
[Firefox:14 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:18:58:00 Win2K-f 211.210.157.157 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 30 of 35 d142a982d2
[Firefox:27 hits: 08-15 to 11-05] none[none] none:none
none|none none none

19:11:00 Win2K-f 211.211.197.126 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 4e95e2659e
NEW none[none] none:none
none|none none none

19:11:00 Win2K-f 24.85.38.25 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
RICHMOND, BRITISH COLUMBIA, CA. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 25 of 36 bcae797d03
[Firefox:15 hits: 08-01 to 11-05] none[none] none:none
none|none none none

19:12:00 WinXP 4.154.39.252 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
NORTH CAROLINA, US. (DIAL) n/a EU:siliconfireware.ru
US:searchportal.information.com
:wpad
GB:new.egg.com
GB:olb2.nationet.com
DE:hyper-space-fuel.ru
US:atmacasoft.com
US:208.73.210.121:80
DE:217.11.54.126:80
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
http
http
3 lines Yeah : 0.8
profile none summary
tarball 29 of 29 df17a625ee
[Firefox:300 hits: 01-01 to 11-05] 9bbdd086c5 [0] ASM:Graph
ASPack| lines=186
embedded dns trace

19:13:00 WinXP 211.206.164.112 (HANANET.NET):
HANARO TELECOM INC,
KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 35 of 36 1d988e57e4
[Firefox:15 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:19:13:00 WinXP 211.200.114.15 (HANANET.NET):
HANARO TELECOM INC,
KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 20 of 36 0db664089d
[Firefox: 8 hits: 10-27 to 11-05] none[none] none:none
none|none none none

19:15:00 WinXP 84.112.41.195 (SURFER.AT):
UPC TELEKABEL,
VIENNA, WIEN, AT. (DSL) n/a 139 pcap raw alerts
ruleset ftp
9 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:19:16:00 WinXP 93.123.8.123 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 20 of 36 0db664089d
[Firefox: 8 hits: 10-27 to 11-05] none[none] none:none
none|none none none

T:19:20:00 WinXP 76.172.61.54 (RR.COM):
ROAD RUNNER HOLDCO LLC,
TARZANA, CALIFORNIA, US. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 32 of 32 d1377a8b90
[Firefox: 4 hits: 03-25 to 10-31] ad56da3672 [0] ASM:Graph
PolyEnE| lines=68 trace

T:19:20:00 Win2K-f 125.26.6.36 (TOTBB.NET):
TOT ADSL IP ADDRESS POOL,
BANGKOK, KRUNG THEP MAHANAKHON, TH. (DSL) n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 f9fbdd5ce8
[Firefox: 4 hits: 10-22 to 11-05] none[none] none:none
none|none none none

T:19:24:00 WinXP 96.10.241.111 (-):
. n/a UA:citi-bank.ru
:parex-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:1448 hits: 12-31 to 11-05] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

19:25:00 WinXP 121.115.138.139 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP. n/a 445 pcap raw alerts
ruleset shell
ftp
14 lines Yeah : 1.3
profile none summary
tarball 29 of 29 831f4ee0a7
[Firefox:659 hits: 01-01 to 11-05] eb7546c600 [0] ASM:Graph
none|none lines=61 trace

T:19:26:00 Win2K-f 58.230.57.7 (-):
THRUNET-INFRA-SEOUL01,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 c24cc6acf2
NEW none[none] none:none
none|none none none

T:19:29:00 WinXP 78.97.67.46 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 4d4e951db2
NEW none[none] none:none
none|none none none

19:31:00 Win2K-f 72.251.70.97 (1DIAL.COM):
AD-BASE SYSTEMS INC. (DBA GLOBALPOPS),
PITTSBURGH, PENNSYLVANIA, US. (DIAL) n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 25 of 36 7c2b50c774
[Firefox:37 hits: 08-01 to 11-05] none[none] none:none
none|none none none

T:19:39:00 WinXP 222.234.157.216 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 34 aa268ff3a9
[Firefox:18 hits: 08-15 to 11-05] none[none] none:none
none|none none none

19:41:00 Win2K-f 61.192.41.36 (ZAQ.NE.JP):
J-COM KANSAI CO. LTD,
JP. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 30 of 36 13b148296b
[Firefox:14 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:19:41:00 Win2K-f 121.82.176.24 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 26 of 35 50649fc087
[Firefox:21 hits: 07-29 to 11-05] none[none] none:none
none|none none none

19:42:00 WinXP 218.236.62.54 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 35 ac25ac39b4
[Firefox: 6 hits: 10-21 to 10-29] none[none] none:none
none|none none none

T:19:43:00 WinXP 72.0.185.234 (BENDBROADBAND.COM):
BEND CABLE COMMUNICATIONS LLC,
BEND, OREGON, US. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 36 7c2b50c774
[Firefox:37 hits: 08-01 to 11-05] none[none] none:none
none|none none none

19:50:00 WinXP 207.177.229.73 (REDSHIFT.COM):
NITELOG INC,
SALINAS, CALIFORNIA, US. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 20 of 36 0db664089d
[Firefox: 8 hits: 10-27 to 11-05] none[none] none:none
none|none none none

19:55:00 WinXP 222.235.106.11 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 33 of 36 a537edc44b
[Firefox: 4 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:19:55:00 WinXP 211.215.11.193 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 21 of 36 d73bdf4a0e
[Firefox: 8 hits: 10-27 to 11-05] none[none] none:none
none|none none none

T:20:00:00 Win2K-f 218.236.62.54 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
13 lines Yeah : 1.3
profile none summary
tarball 29 of 35 ac25ac39b4
[Firefox: 6 hits: 10-21 to 10-29] none[none] none:none
none|none none none

20:01:00 Win2K-f 218.50.12.6 (HANANET.NET):
HANARO TELECOM INC,
KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 31 of 36 ea39b7911d
[Firefox:20 hits: 08-15 to 10-28] none[none] none:none
none|none none none

20:07:00 Win2K-f 78.97.67.46 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 32 of 36 4d4e951db2
NEW none[none] none:none
none|none none none

T:20:09:00 Win2K-f 218.54.68.232 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 35 of 36 ed60f44f45
NEW none[none] none:none
none|none none none

T:20:10:00 WinXP 204.193.221.180 (QWEST.NET):
QWEST BROADBAND SERVICES INC,
DENVER, COLORADO, US. n/a UA:citi-bank.ru
:parex-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 33 of 34 a7003c5a33
[Firefox:19 hits: 10-21 to 11-05] none[none] none:none
none|none none none

T:20:12:00 WinXP 114.58.131.242 (-):
. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 f3100aaed8
NEW none[none] none:none
none|none none none

T:20:14:00 WinXP 218.232.137.254 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 559b45d845
NEW none[none] none:none
none|none none none

20:20:00 WinXP 58.239.57.253 (-):
THRUNET-INFRA-BUSAN18,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 32 of 36 ca172c3868
[Firefox: 5 hits: 10-22 to 11-05] none[none] none:none
none|none none none

T:20:24:00 Win2K-f 61.4.223.136 (-):
CJ CABLENET PUKINCHEON BROADCASTING,
INCHON, KYONGGI-DO, KR. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 333c43d31b
NEW none[none] none:none
none|none none none

20:26:00 Win2K-f 211.210.157.157 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 30 of 35 d142a982d2
[Firefox:27 hits: 08-15 to 11-05] none[none] none:none
none|none none none

20:27:00 WinXP 89.137.115.45 (-):
ASTRAL CLUJ-NAPOCA DOCSIS NETWORK,
CLUJ-NAPOCA, CLUJ, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 918355cad9
[Firefox: 8 hits: 10-26 to 11-05] none[none] none:none
none|none none none

20:27:00 Win2K-f 125.26.123.233 (TOTBB.NET):
TOT ADSL IP ADDRESS POOL,
BANGKOK, KRUNG THEP MAHANAKHON, TH. (DSL) 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 33 of 34 c50e298b27
[Firefox: 4 hits: 10-26 to 10-28] none[none] none:none
none|none none none

T:20:29:00 WinXP 85.30.104.226 (-):
TELECOMMUNICATION SOCIETY PET NET DOO,
MK. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 99797e2b75
[Firefox:10 hits: 09-26 to 10-28] none[none] none:none
none|none none none

20:30:00 WinXP 211.204.86.157 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 29 of 35 ac25ac39b4
[Firefox: 6 hits: 10-21 to 10-29] none[none] none:none
none|none none none

T:20:30:00 WinXP 220.255.16.147 (SINGNET.COM.SG):
SINGNET PTE LTD,
SINGAPORE, SINGAPORE, SG. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 1021b89b5b
NEW none[none] none:none
none|none none none

20:36:00 WinXP 219.105.126.47 (ADACHI.NE.JP):
CABLE TELEVISION ADACHI CORP,
JP. n/a 445 pcap raw alerts
ruleset shell
ftp
14 lines Yeah : 1.3
profile none summary
tarball 29 of 29 831f4ee0a7
[Firefox:659 hits: 01-01 to 11-05] eb7546c600 [0] ASM:Graph
none|none lines=61 trace

T:20:40:00 Win2K-f 90.155.194.24 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 36 bcae797d03
[Firefox:15 hits: 08-01 to 11-05] none[none] none:none
none|none none none

T:20:44:00 WinXP 58.235.19.126 (-):
THRUNET-INFRA-BUSAN15,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 35 7377a34aeb
[Firefox:19 hits: 07-27 to 10-28] none[none] none:none
none|none none none

20:45:00 WinXP 211.202.168.52 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668 :proxima.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 35 of 36 14d0535eaf
NEW none[none] none:none
none|none none none

T:20:51:00 WinXP 85.66.218.99 (BACS-NET.HU):
FIBERNET COMMUNICATION CO,
BUDAPEST, BUDAPEST, HU. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 20 of 36 fcb6426ef8
NEW none[none] none:none
none|none none none

T:20:54:00 WinXP 130.13.72.220 (QWEST.NET):
QWEST BROADBAND SERVICES INC,
PHOENIX, ARIZONA, US. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 8e37830aa3
NEW none[none] none:none
none|none none none

20:56:00 Win2K-f 221.143.87.214 (GUTZWILLER.CH):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 32 of 36 5a38a2e599
NEW none[none] none:none
none|none none none

20:56:00 Win2K-f 211.187.104.38 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 25 of 36 bcae797d03
[Firefox:15 hits: 08-01 to 11-05] none[none] none:none
none|none none none

T:21:00:00 WinXP 67.64.30.245 (WBSNET.NET):
WHEATLAND ELECTRIC COOP,
SCOTT CITY, KANSAS, US. n/a US:microsoft.com
US:download.microsoft.com
US:204.160.104.126:80
US:207.123.37.126:80
US:207.123.47.126:80 135 pcap raw alerts
ruleset other
76 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 33 53bfe15e91
[Firefox:3764 hits: 06-17 to 11-05]
a08f3b74a4
[Firefox:1346 hits: 06-18 to 11-05] none[4]
a08f3b74a4[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

21:01:00 WinXP 61.216.245.204 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 34 e362f1c062
[Firefox:26 hits: 08-15 to 11-05] none[none] none:none
none|none none none

T:21:01:00 Win2K-f 211.178.211.152 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 26 of 35 50649fc087
[Firefox:21 hits: 07-29 to 11-05] none[none] none:none
none|none none none

T:21:04:00 Win2K-f 209.239.9.70 (ON.CA):
EXECULINK INTERNET SERVICES CORPORATION,
LONDON, ONTARIO, CA. n/a US:microsoft.com
US:download.microsoft.com
US:204.160.104.126:80
US:207.123.37.126:80
US:207.123.47.126:80 135 pcap raw alerts
ruleset other
112 lines Yeah : 1.3
profile none summary
tarball 33 of 35
31 of 35 039e3fa376
[Firefox:12 hits: 07-24 to 10-27]
76f2c59ef8
[Firefox:12 hits: 07-24 to 10-27] none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

T:21:09:00 WinXP 58.239.130.116 (-):
THRUNET-INFRA-BUSAN18,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 36 2afee40276
NEW none[none] none:none
none|none none none

21:11:00 Win2K-f 219.241.9.39 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 32 of 36 3eeb212cb1
[Firefox: 6 hits: 10-22 to 11-05] none[none] none:none
none|none none none

21:15:00 WinXP 70.64.133.105 (GASOC.COM):
SHAW COMMUNICATIONS INC,
SASKATOON, SASKATCHEWAN, CA. (DSL) n/a RU:moscow-advokat.ru
FI:london.uk.eu.undernet.org
:caen.fr.eu.undernet.org
SE:coins.dal.net
:flanders.be.eu.undernet.org
:los-angeles.ca.us.undernet.org
SE:viking.dal.net
NL:diemen.nl.eu.undernet.org
US:lia.zanet.net
SE:ozbytes.dal.net
SE:ced.dal.net
:washington.dc.us.undernet.org
SE:qis.md.us.dal.net
SE:broadway.ny.us.dal.net
:brussels.be.eu.undernet.org
SE:vancouver.dal.net
:gaspode.zanet.org.za
AT:graz.at.eu.undernet.org 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 34 of 36 96d089e522
[Firefox:50 hits: 10-08 to 11-05] none[none] none:none
none|none none none

21:16:00 Win2K-f 211.212.95.90 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 d23eeeb4ee
NEW none[none] none:none
none|none none none

21:20:00 WinXP 116.46.166.140 (-):
LG POWERCOMM,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:21:25:00 WinXP 76.182.2.6 (RR.COM):
ROAD RUNNER HOLDCO LLC,
RALEIGH, NORTH CAROLINA, US. n/a DE:siliconfireware.ru
GB:welcome3.smile.co.uk
:wpad
GB:195.92.84.198:80
DE:212.227.111.29:80
DE:217.11.54.126:80
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 a12cab51ef
[Firefox:611 hits: 01-01 to 11-05] 40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns trace

T:21:30:00 Win2K-f 222.235.106.11 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 33 of 36 a537edc44b
[Firefox: 4 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:21:30:00 WinXP 219.114.3.101 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset shell
2 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:21:31:00 Win2K-f 24.86.158.215 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
SURREY, BRITISH COLUMBIA, CA. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 35 of 36 1d988e57e4
[Firefox:15 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:21:34:00 Win2K-f 211.173.185.9 (-):
CJ CABLENET PUKINCHEON BROADCASTING CO. LTD,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 31 of 36 07595c57c6
NEW none[none] none:none
none|none none none

21:36:00 Win2K-f 85.66.106.52 (BACS-NET.HU):
FIBERNET COMMUNICATION CO,
BUDAPEST, BUDAPEST, HU. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 20 of 36 0db664089d
[Firefox: 8 hits: 10-27 to 11-05] none[none] none:none
none|none none none

T:21:39:00 WinXP 221.125.69.181 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HK. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 ea38ae2cb2
[Firefox:20 hits: 09-26 to 11-05] none[none] none:none
none|none none none

21:40:00 WinXP 211.49.84.189 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 22 of 36 d79de17b72
NEW none[none] none:none
none|none none none

21:42:00 WinXP 123.22.6.208 (-):
VIETNAM TELECOM NATIONAL (VTN),
VN. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 28 of 36 80cdfa6655
NEW none[none] none:none
none|none none none

T:21:44:00 WinXP 221.138.97.237 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 0fb74a16d5
NEW none[none] none:none
none|none none none

21:48:00 Win2K-f 58.236.123.43 (-):
THRUNET-INFRA-INCHEON09,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 d1b1ab1740
NEW none[none] none:none
none|none none none

21:55:00 WinXP 24.86.68.253 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
SURREY, BRITISH COLUMBIA, CA. (DSL) 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 32 of 36 ca172c3868
[Firefox: 5 hits: 10-22 to 11-05] none[none] none:none
none|none none none

21:57:00 Win2K-f 116.45.40.155 (-):
LG POWERCOMM,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 31 of 34 aa268ff3a9
[Firefox:18 hits: 08-15 to 11-05] none[none] none:none
none|none none none

21:57:00 WinXP 210.205.29.239 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 21 of 35 77dadc76a0
NEW none[none] none:none
none|none none none

22:00:00 WinXP 61.254.90.66 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 26 of 35 89d021262b
[Firefox:24 hits: 07-29 to 10-28] none[none] none:none
none|none none none

T:22:01:00 WinXP 118.140.70.234 (-):
. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 ead12a6c02
[Firefox:19 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:22:01:00 Win2K-f 220.137.73.84 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 36 13b148296b
[Firefox:14 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:22:03:00 Win2K-f 210.205.163.97 (-):
THRUNET CO. LTD,
KOTA KINABALU, SABAH, MY. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 21 of 34 cc1d7191b0
NEW none[none] none:none
none|none none none

T:22:10:00 Win2K-f 82.77.146.68 (RDSTM.RO):
ROMANIA DATA SYSTEMS,
TIMISOARA, TIMIS, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball none af222ae6db
[Firefox:14 hits: 08-15 to 10-29] none[none] none:none
none|none none none

T:22:14:00 WinXP 122.43.15.50 (-):
POWERCOMM,
KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 36 7c2b50c774
[Firefox:37 hits: 08-01 to 11-05] none[none] none:none
none|none none none

T:22:19:00 Win2K-f 83.103.135.129 (ASTRAL.RO):
ASTRAL CLUJ-NAPOCA DOCSIS,
CLUJ-NAPOCA, CLUJ, RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 25 of 36 bcae797d03
[Firefox:15 hits: 08-01 to 11-05] none[none] none:none
none|none none none

22:21:00 WinXP 203.73.83.61 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a 139 pcap raw alerts
ruleset ftp
9 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

22:22:00 Win2K-f 88.165.0.48 (PROXAD.NET):
PROXAD / FREE SAS,
FR. n/a 139 pcap raw alerts
ruleset ftp
9 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

22:23:00 Win2K-f 222.232.33.59 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 33 of 34 c50e298b27
[Firefox: 4 hits: 10-26 to 10-28] none[none] none:none
none|none none none

T:22:24:00 WinXP 62.51.59.153 (AOL.COM):
DSL-CSI-NL,
UK. (DSL) 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 20 of 31 324301545c
NEW none[none] none:none
none|none none none

T:22:24:00 WinXP 124.60.245.140 (-):
POWERCOM,
KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 26 of 35 89d021262b
[Firefox:24 hits: 07-29 to 10-28] none[none] none:none
none|none none none

22:30:00 Win2K-f 123.18.147.125 (-):
VIETNAM TELECOM NATIONAL (VTN),
VN. n/a 139 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 21 of 36 9ed9d4319e
NEW none[none] none:none
none|none none none

T:22:31:00 WinXP 124.57.17.79 (-):
POWERCOM,
KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

22:35:00 WinXP 118.98.186.106 (-):
. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
21 lines Yeah : 1.3
profile none summary
tarball 29 of 36 18f43a10de
NEW none[none] none:none
none|none none none

T:22:37:00 Win2K-f 211.211.40.185 (HANANET.NET):
HANARO TELECOM INC,
ULAANBAATAR, ULAANBAATAR, MN. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 82eb778bf1
NEW none[none] none:none
none|none none none

T:22:39:00 WinXP 119.94.186.136 (-):
. n/a 135 pcap raw alerts
ruleset other
18 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

22:40:00 WinXP 218.234.125.21 (PANELPOWER.NET):
HANARO TELECOM CO,
KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 99797e2b75
[Firefox:10 hits: 09-26 to 10-28] none[none] none:none
none|none none none

22:41:00 WinXP 211.200.65.119 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 26 of 36 9f2789e818
NEW none[none] none:none
none|none none none

T:22:45:00 Win2K-f 219.241.9.39 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 33 of 36 8e96b2ccbc
[Firefox: 3 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:22:47:00 Win2K-f 85.67.157.35 (-):
FIBERNET,
HU. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 625144cee4
[Firefox:19 hits: 09-26 to 11-05] none[none] none:none
none|none none none

22:48:00 Win2K-f 89.136.25.72 (UPCNET.RO):
ASTRAL-UPC ROMAN,
TIMISOARA, TIMIS, RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 32 of 36 76b7a2a0ad
[Firefox: 3 hits: 11-05 to 11-05] none[none] none:none
none|none none none

T:22:49:00 WinXP 219.255.34.159 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 3a322fdf34
[Firefox:12 hits: 09-26 to 11-05] none[none] none:none
none|none none none

22:50:00 WinXP 61.228.245.96 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 35 1be9d03a2b
[Firefox:26 hits: 07-29 to 10-29] none[none] none:none
none|none none none

22:57:00 Win2K-f 220.230.249.19 (-):
DONG-GWANGYANG-BC,
KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 b57908f1ca
NEW none[none] none:none
none|none none none

23:00:00 WinXP 218.232.215.132 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 35 of 36 1d988e57e4
[Firefox:15 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:23:00:00 WinXP 70.77.56.69 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. (DSL) 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 ea38ae2cb2
[Firefox:20 hits: 09-26 to 11-05] none[none] none:none
none|none none none

23:01:00 Win2K-f 121.53.16.112 (-):
DREAMX,
KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
28 lines Yeah : 1.3
profile none summary
tarball 35 of 36 1d988e57e4
[Firefox:15 hits: 09-26 to 11-05] none[none] none:none
none|none none none

23:02:00 Win2K-f 43.232.145.122 (UCOM.NE.JP):
JAPAN INET,
JP. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 31 of 36 ea39b7911d
[Firefox:20 hits: 08-15 to 10-28] none[none] none:none
none|none none none

T:23:09:00 WinXP 123.212.157.43 (-):
HANARO TELECOM,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 34 aa268ff3a9
[Firefox:18 hits: 08-15 to 11-05] none[none] none:none
none|none none none

23:10:00 WinXP 89.109.46.119 (MTS-NN.RU):
NETWORK FOR CLIENTS TERMINATIONS IN,
NOVGOROD, NOVGORODSKAYA OBLAST', RU. n/a 445 pcap raw alerts
ruleset shell
ftp
14 lines Yeah : 1.3
profile none summary
tarball 29 of 29 831f4ee0a7
[Firefox:659 hits: 01-01 to 11-05] eb7546c600 [0] ASM:Graph
none|none lines=61 trace

T:23:11:00 WinXP 89.137.147.110 (-):
ASTRAL MIERCUREA-CIUC DOCSIS NETWORK,
RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 35 ddb8dcfe6a
[Firefox: 3 hits: 10-22 to 11-05] none[none] none:none
none|none none none

T:23:15:00 Win2K-f 88.173.108.3 (PROXAD.NET):
PROXAD / FREE SAS,
FR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 30 of 36 6b28308388
[Firefox: 3 hits: 11-05 to 11-05] none[none] none:none
none|none none none

23:16:00 WinXP 221.139.113.147 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 36 bcae797d03
[Firefox:15 hits: 08-01 to 11-05] none[none] none:none
none|none none none

T:23:25:00 Win2K-f 221.141.146.241 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 36 28b1bbe949
[Firefox:15 hits: 10-20 to 11-05] none[none] none:none
none|none none none

23:36:00 WinXP 121.82.205.232 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 26 of 35 50649fc087
[Firefox:21 hits: 07-29 to 11-05] none[none] none:none
none|none none none

T:23:37:00 Win2K-f 222.232.33.59 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 33 of 34 c50e298b27
[Firefox: 4 hits: 10-26 to 10-28] none[none] none:none
none|none none none

23:37:00 WinXP 218.51.103.183 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 28 of 36 33b54507d5
[Firefox: 4 hits: 09-26 to 11-05] none[none] none:none
none|none none none

23:39:00 Win2K-f 85.95.210.181 (CALIXO.NET):
VIALIS - REGIE MUNICIPALE DE COLMAR,
FR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 ea38ae2cb2
[Firefox:20 hits: 09-26 to 11-05] none[none] none:none
none|none none none

T:23:39:00 WinXP 211.209.224.86 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 28 of 36 c3be2ee601
[Firefox: 5 hits: 10-22 to 10-28] none[none] none:none
none|none none none

T:23:42:00 WinXP 211.59.114.168 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 35 1be9d03a2b
[Firefox:26 hits: 07-29 to 10-29] none[none] none:none
none|none none none

23:43:00 Win2K-f 58.232.252.8 (-):
THRUNET-INFRA-BUSAN07,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 31 of 36 e2e8123feb
NEW none[none] none:none
none|none none none

23:44:00 Win2K-f 218.51.150.155 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 28 of 36 19297d53be
NEW none[none] none:none
none|none none none

23:44:00 Win2K-f 211.49.185.64 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 36 ea39b7911d
[Firefox:20 hits: 08-15 to 10-28] none[none] none:none
none|none none none

T:23:45:00 WinXP 220.163.223.164 (CN.NET):
CHINANET YUNNAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 34 e362f1c062
[Firefox:26 hits: 08-15 to 11-05] none[none] none:none
none|none none none

T:23:49:00 WinXP 114.200.44.150 (-):
. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 2acfcf1e04
NEW none[none] none:none
none|none none none

T:23:59:00 WinXP 85.186.0.20 (ASTRAL.RO):
ASTRAL CLUJ-NAPOCA DOCSIS,
CLUJ-NAPOCA, CLUJ, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 33 of 36 17e0d9aa63
[Firefox: 4 hits: 10-22 to 11-05] none[none] none:none
none|none none none