Multiperspective Malware Analysis Page

Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

07 November 2008
<prev> <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]

Time
Victim
OS
Infection
Source
C&C
Server
DNS Lookups &
Failed Connects Infection
Port
Packet
Trace
Detection
Signatures
Infection
Chatter
BotHunter
Analysis
Behavioral
Cluster
Forensic
Logs
Antivirus
Labels
Packed Malware_Binary Unpacked egg.exe
Unpacked egg.asm
Packer PEID
Data Strings
Syscall Trace

00:05:00 WinXP 205.201.122.61 (CLASSICNET.NET):
CEBRIDGE CONNECTIONS,
US. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 35 of 36 c748cf2b25
NEW none[none] none:none
none|none none none

00:12:00 WinXP 88.187.211.40 (PROXAD.NET):
PROXAD / FREE SAS,
FR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 35 of 36 1d988e57e4
[Firefox:21 hits: 09-26 to 11-06] none[none] none:none
none|none none none

T:00:17:00 Win2K-f 222.232.7.171 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 33 of 36 8e96b2ccbc
[Firefox: 6 hits: 09-26 to 11-06] none[none] none:none
none|none none none

T:00:20:00 WinXP 61.255.173.51 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 8d64e140bd
NEW none[none] none:none
none|none none none

T:00:20:00 WinXP 59.113.14.35 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. (DIAL) 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 35 d142a982d2
[Firefox:31 hits: 08-15 to 11-06] none[none] none:none
none|none none none

00:21:00 WinXP 121.125.9.57 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 3a322fdf34
[Firefox:16 hits: 09-26 to 11-06] none[none] none:none
none|none none none

T:00:24:00 WinXP 58.124.99.244 (HANANET.NET):
HANARO TELECOM INC,
KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 22 of 36 5b6fa6b283
NEW none[none] none:none
none|none none none

00:26:00 Win2K-f 211.52.137.217 (-):
THRUNET CO. LTD,
SHANGHAI, SHANGHAI, CN. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 54611d6722
NEW none[none] none:none
none|none none none

T:00:26:00 Win2K-f 118.218.43.118 (-):
. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 31 of 36 53b6c7be64
NEW none[none] none:none
none|none none none

00:27:00 Win2K-f 218.237.233.98 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 32 of 36 3eeb212cb1
[Firefox: 9 hits: 10-22 to 11-06] none[none] none:none
none|none none none

T:00:29:00 Win2K-f 211.211.103.130 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 88dd1b45bd
NEW none[none] none:none
none|none none none

00:30:00 Win2K-f 78.97.40.172 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 33 of 36 8e96b2ccbc
[Firefox: 6 hits: 09-26 to 11-06] none[none] none:none
none|none none none

00:30:00 WinXP 88.173.211.70 (PROXAD.NET):
PROXAD / FREE SAS,
FR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 1ca7138b8f
NEW none[none] none:none
none|none none none

00:31:00 Win2K-f 119.148.143.253 (-):
. n/a 139 pcap raw alerts
ruleset ftp
19 lines Yeah : 0.8
profile none summary
tarball 33 of 36 e5dab5f4ec
[Firefox:18 hits: 09-26 to 11-06] none[none] none:none
none|none none none

T:00:34:00 Win2K-f 211.204.106.122 (HANANET.NET):
HANARO TELECOM INC,
KR. n/a 139 pcap raw alerts
ruleset ftp
22 lines Yeah : 0.8
profile none summary
tarball 34 of 36 2a5bd0770c
NEW none[none] none:none
none|none none none

T:00:39:00 WinXP 212.186.98.139 (SURFER.AT):
UPC TELEKABEL,
VIENNA, WIEN, AT. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 36 44ea4d3c7c
[Firefox:20 hits: 09-26 to 11-06] none[none] none:none
none|none none none

00:40:00 WinXP 221.140.249.55 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 42c0038da1
NEW none[none] none:none
none|none none none

T:00:44:00 WinXP 115.138.54.175 (-):
. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:00:45:00 WinXP 221.141.168.85 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 33 of 36 e5dab5f4ec
[Firefox:18 hits: 09-26 to 11-06] none[none] none:none
none|none none none

00:51:00 WinXP 61.99.163.247 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668 :proxima.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
13 lines Yeah : 1.3
profile none summary
tarball 35 of 36 66071576fb
NEW none[none] none:none
none|none none none

T:00:54:00 WinXP 88.187.211.40 (PROXAD.NET):
PROXAD / FREE SAS,
FR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 35 of 36 1d988e57e4
[Firefox:21 hits: 09-26 to 11-06] none[none] none:none
none|none none none

T:00:55:00 Win2K-f 85.227.252.172 (BREDBANDSBOLAGET.SE):
BB-BISP-DSL10-SBB10-MLM,
SE. n/a 139 pcap raw alerts
ruleset ftp
23 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

01:06:00 Win2K-f 85.186.144.101 (-):
ASTRAL MANGALIA CPE,
RO. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 36 28b1bbe949
[Firefox:18 hits: 10-20 to 11-06] none[none] none:none
none|none none none

01:07:00 Win2K-f 211.108.31.127 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 26 of 36 347daa99f9
[Firefox: 2 hits: 10-26 to 10-26] none[none] none:none
none|none none none

01:08:00 WinXP 218.160.248.231 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 34 e362f1c062
[Firefox:32 hits: 08-15 to 11-06] none[none] none:none
none|none none none

01:08:00 Win2K-f 203.130.184.105 (-):
TAEGU NAMSAN 4-DONG JUNG-GU DAEGU,
TAEGU, KYONGSANG-BUKTO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 052ac5379e
[Firefox: 2 hits: 10-26 to 10-28] none[none] none:none
none|none none none

T:01:09:00 WinXP 218.236.62.54 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 35 ac25ac39b4
[Firefox:11 hits: 10-21 to 11-06] none[none] none:none
none|none none none

01:10:00 Win2K-f 212.10.218.130 (REV.STOFANET.DK):
TELIA STOFA A/S,
DK. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 35 68c9d6aaac
NEW none[none] none:none
none|none none none

01:10:00 WinXP 211.236.139.161 (-):
CJ CABLENET PUKINCHEON BROADCASTING CO. LTD,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 0fb74a16d5
[Firefox: 2 hits: 11-05 to 11-06] none[none] none:none
none|none none none

T:01:15:00 Win2K-f 218.101.205.221 (-):
HANVITINB-INFRA,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 33 of 36 e0ca3e2b2c
NEW none[none] none:none
none|none none none

01:17:00 WinXP 220.230.145.231 (-):
CJCABLENETJUNGBUSAN3,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 49ccdb35f1
NEW none[none] none:none
none|none none none

01:20:00 WinXP 211.110.189.224 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
9 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:01:23:00 WinXP 79.175.205.216 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 5a38a2e599
[Firefox: 3 hits: 10-28 to 11-06] none[none] none:none
none|none none none

T:01:27:00 Win2K-f 211.247.185.159 (-):
DREAMX-CATV-JUNGBUSANCABLE2,
KR. n/a 139 pcap raw alerts
ruleset ftp
26 lines Yeah : 0.8
profile none summary
tarball 29 of 36 89c901c1e0
NEW none[none] none:none
none|none none none

T:01:29:00 WinXP 218.239.109.82 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 74c6c141d8
[Firefox:13 hits: 08-02 to 11-06] none[none] none:none
none|none none none

T:01:32:00 Win2K-f 118.174.19.107 (-):
. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 929520d19f
NEW none[none] none:none
none|none none none

T:01:34:00 WinXP 85.186.144.101 (-):
ASTRAL MANGALIA CPE,
RO. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 36 28b1bbe949
[Firefox:18 hits: 10-20 to 11-06] none[none] none:none
none|none none none

T:01:34:00 WinXP 78.131.63.69 (-):
EMKTV BUDAPEST VLAN 20 DOCSIS,
BUDAPEST, BUDAPEST, HU. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 36 bcae797d03
[Firefox:27 hits: 08-01 to 11-06] none[none] none:none
none|none none none

T:01:44:00 WinXP 222.236.158.254 (HANANET.NET):
HANARO TELECOM INC,
KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 ede6045c82
NEW none[none] none:none
none|none none none

01:46:00 WinXP 81.251.103.28 (ABO.WANADOO.FR):
IP2000-ADSL-BAS,
MARSEILLE, PROVENCE-ALPES-COTE D'AZUR, FR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 34 e362f1c062
[Firefox:32 hits: 08-15 to 11-06] none[none] none:none
none|none none none

01:47:00 Win2K-f 78.31.61.66 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 35 of 36 1d988e57e4
[Firefox:21 hits: 09-26 to 11-06] none[none] none:none
none|none none none

01:47:00 Win2K-f 218.167.191.216 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 ead12a6c02
[Firefox:27 hits: 09-26 to 11-06] none[none] none:none
none|none none none

01:48:00 Win2K-f 221.125.215.192 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HK. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 625144cee4
[Firefox:25 hits: 09-26 to 11-06] none[none] none:none
none|none none none

T:01:54:00 WinXP 222.232.70.55 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668 :proxima.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 10bd775d06
NEW none[none] none:none
none|none none none

01:54:00 WinXP 218.190.78.46 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 9852ec60d2
NEW none[none] none:none
none|none none none

T:01:59:00 Win2K-f 58.233.77.115 (-):
THRUNET-INFRA-SEOUL14,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 af782db102
NEW none[none] none:none
none|none none none

T:02:03:00 Win2K-f 211.173.181.39 (-):
CJ CABLENET PUKINCHEON BROADCASTING CO. LTD,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 cc8840e4b7
[Firefox: 5 hits: 10-20 to 11-06] none[none] none:none
none|none none none

02:07:00 WinXP 116.42.57.65 (-):
LG POWERCOMM,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:02:09:00 WinXP 218.191.129.69 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 36 114d93b412
[Firefox: 7 hits: 10-22 to 11-06] none[none] none:none
none|none none none

T:02:11:00 WinXP 218.39.248.196 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 36 bcae797d03
[Firefox:27 hits: 08-01 to 11-06] none[none] none:none
none|none none none

02:14:00 Win2K-f 61.17.11.42 (ETH.NET):
VIDESH SANCHAR NIGAM LTD - INDIA,
PUNE, MAHARASHTRA, IN. n/a 139 pcap raw alerts
ruleset ftp
10 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

02:15:00 WinXP 210.79.143.77 (MEDIATTI.NET):
MEDIATTI COMMUNICATIONS INC,
TOKYO, TOKYO, JP. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 32 of 36 94156f67b0
[Firefox:18 hits: 08-15 to 11-06] none[none] none:none
none|none none none

02:17:00 Win2K-f 219.241.93.140 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 35 of 36 75a7aeece0
NEW none[none] none:none
none|none none none

T:02:18:00 Win2K-f 218.48.173.32 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 32 of 36 94156f67b0
[Firefox:18 hits: 08-15 to 11-06] none[none] none:none
none|none none none

02:21:00 WinXP 82.77.146.68 (RDSTM.RO):
ROMANIA DATA SYSTEMS,
TIMISOARA, TIMIS, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball none af222ae6db
[Firefox:17 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:02:25:00 WinXP 211.33.119.40 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 01d27308e9
NEW none[none] none:none
none|none none none

02:26:00 Win2K-f 122.43.122.89 (-):
POWERCOMM,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 32 of 36 94156f67b0
[Firefox:18 hits: 08-15 to 11-06] none[none] none:none
none|none none none

02:27:00 Win2K-f 89.137.162.75 (-):
ASTRAL ROMAN DOCSIS NETWORK,
RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 33 of 36 17e0d9aa63
[Firefox: 8 hits: 10-22 to 11-06] none[none] none:none
none|none none none

02:30:00 WinXP 121.124.214.131 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 35 7377a34aeb
[Firefox:21 hits: 07-27 to 11-06] none[none] none:none
none|none none none

T:02:31:00 Win2K-f 82.194.153.202 (SALZBURG-ONLINE.AT):
SALZBURG AG PROVIDES INTERNET-SERVICES,
SALZBURG, SALZBURG, AT. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:02:35:00 WinXP 85.66.101.123 (BACS-NET.HU):
FIBERNET COMMUNICATION CO,
BUDAPEST, BUDAPEST, HU. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 26 of 36 9f2789e818
NEW none[none] none:none
none|none none none

T:02:39:00 WinXP 210.3.172.123 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 21 of 36 d73bdf4a0e
[Firefox:12 hits: 10-27 to 11-06] none[none] none:none
none|none none none

T:02:41:00 WinXP 211.203.19.140 (HANANET.NET):
HANARO TELECOM INC,
KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball none af222ae6db
[Firefox:17 hits: 08-15 to 11-06] none[none] none:none
none|none none none

02:46:00 WinXP 210.127.87.182 (KFA.CO.KR):
KRNIC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 75b372822f
NEW none[none] none:none
none|none none none

T:02:49:00 Win2K-f 211.187.106.184 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 32 of 36 94156f67b0
[Firefox:18 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:02:49:00 WinXP 58.235.149.11 (-):
THRUNET-INFRA-BUSAN15,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
14 lines Yeah : 1.3
profile none summary
tarball 32 of 36 a0866eeee3
NEW none[none] none:none
none|none none none

02:50:00 WinXP 122.43.68.74 (-):
POWERCOMM,
KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

02:51:00 Win2K-f 58.233.127.147 (-):
THRUNET-INFRA-SEOUL14,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 625144cee4
[Firefox:25 hits: 09-26 to 11-06] none[none] none:none
none|none none none

02:53:00 Win2K-f 211.209.146.75 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
21 lines Yeah : 0.8
profile none summary
tarball 30 of 36 44ea4d3c7c
[Firefox:20 hits: 09-26 to 11-06] none[none] none:none
none|none none none

T:02:56:00 Win2K-f 116.124.27.7 (-):
HANARO TELECOM,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 a1a7be82fd
NEW none[none] none:none
none|none none none

T:02:57:00 Win2K-f 211.110.57.66 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 26 of 35 50649fc087
[Firefox:26 hits: 07-29 to 11-06] none[none] none:none
none|none none none

03:01:00 Win2K-f 210.109.72.77 (KRLINE.NET):
KRNIC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 22777c3940
NEW none[none] none:none
none|none none none

03:02:00 WinXP 82.240.5.225 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 34 aa268ff3a9
[Firefox:24 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:03:16:00 WinXP 221.125.131.69 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 34 aa268ff3a9
[Firefox:24 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:03:16:00 WinXP 58.230.108.210 (-):
THRUNET-INFRA-SEOUL01,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 24 of 35 a94f8fd4c2
[Firefox:17 hits: 07-29 to 11-06] none[none] none:none
none|none none none

T:03:23:00 WinXP 89.136.29.86 (UPCNET.RO):
ASTRAL-UPC FOCSANI,
TIMISOARA, TIMIS, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 d17330db37
[Firefox: 9 hits: 10-22 to 11-05] none[none] none:none
none|none none none

03:26:00 WinXP 82.225.141.43 (PROXAD.NET):
PROXAD / FREE SAS,
GRENOBLE, RHONE-ALPES, FR. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 35 of 36 c748cf2b25
NEW none[none] none:none
none|none none none

T:03:28:00 WinXP 88.31.248.85 (RIMA-TDE.NET):
TELEFONICA MOVILES ESPANA (NCC#2007041930),
ES. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 625144cee4
[Firefox:25 hits: 09-26 to 11-06] none[none] none:none
none|none none none

03:28:00 Win2K-f 218.237.159.84 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 33 of 34 c50e298b27
[Firefox:12 hits: 10-26 to 11-06] none[none] none:none
none|none none none

T:03:30:00 Win2K-f 79.74.104.219 (AS9105.COM):
TELINCO,
UK. n/a 139 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 34 of 36 a128f256fb
NEW none[none] none:none
none|none none none

03:33:00 Win2K-f 211.110.87.13 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 3a322fdf34
[Firefox:16 hits: 09-26 to 11-06] none[none] none:none
none|none none none

T:03:34:00 WinXP 61.205.82.88 (EONET.NE.JP):
K-OPTICOM CORPORATION,
OSAKA, OSAKA, JP. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball none af222ae6db
[Firefox:17 hits: 08-15 to 11-06] none[none] none:none
none|none none none

03:35:00 WinXP 211.49.246.136 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 22 of 36 fb3c4b6997
NEW none[none] none:none
none|none none none

03:38:00 WinXP 221.142.106.196 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668 :proxima.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 35 of 36 ca742df257
NEW none[none] none:none
none|none none none

03:40:00 Win2K-f 222.238.31.39 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 0e399152f1
NEW none[none] none:none
none|none none none

T:03:44:00 WinXP 88.168.27.119 (PROXAD.NET):
PROXAD / FREE SAS,
FR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 36 9d31d168bd
[Firefox:13 hits: 10-20 to 11-06] none[none] none:none
none|none none none

03:48:00 Win2K-f 218.220.58.222 (ZAQ.NE.JP):
J-COM KANSAI CO. LTD,
JP. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 36 13b148296b
[Firefox:22 hits: 09-26 to 11-06] none[none] none:none
none|none none none

03:49:00 WinXP 218.238.16.162 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 28 of 36 33b54507d5
[Firefox: 5 hits: 09-26 to 11-06] none[none] none:none
none|none none none

T:03:51:00 WinXP 89.41.88.235 (HOST-89-41-64-10.MOLDTELECOM.MD):
JSC MOLDTELECOM SA,
CHISINAU, CHISINAU, MD. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
DE:kidos-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 34 of 36 10c3e12a46
[Firefox: 7 hits: 11-01 to 11-06] none[none] none:none
none|none none none

T:03:54:00 WinXP 118.140.140.209 (-):
. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 21 of 36 d73bdf4a0e
[Firefox:12 hits: 10-27 to 11-06] none[none] none:none
none|none none none

03:55:00 Win2K-f 221.125.214.214 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HK. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 20 of 32 f12583a6d2
[Firefox:121 hits: 07-13 to 11-06] none[none] none:none
none|none none none

03:55:00 WinXP 123.18.143.237 (-):
VIETNAM TELECOM NATIONAL (VTN),
VN. 67.43.236.98:5190 CA:xx.sqlteam.info
CA:zonetech.info
CA:alwayssam.com 139 pcap raw alerts
ruleset ftp
irc
http
32 lines Yeah : 1.3
profile none summary
tarball 21 of 36
21 of 36
15 of 36 41b9df60db
[Firefox: 3 hits: 11-03 to 11-05]
9ed9d4319e
[Firefox: 2 hits: 08-29 to 11-06]
cada8d5adf
[Firefox: 4 hits: 11-03 to 11-05] none[none]
none [none]
none [none] none:none
none:none
none:none
none|none
none|none
none|none none
none
none none
none
none

03:57:00 Win2K-f 62.107.186.133 (REV.STOFANET.DK):
STOFANET-AARH-CIDR,
NAESTVED, STORSTROM, DK. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 36 9d31d168bd
[Firefox:13 hits: 10-20 to 11-06] none[none] none:none
none|none none none

T:04:00:00 Win2K-f 211.176.214.218 (HANANET.NET):
HANARO TELECOM INC,
ULAANBAATAR, ULAANBAATAR, MN. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 8bf460552e
NEW none[none] none:none
none|none none none

T:04:04:00 WinXP 89.137.130.174 (-):
ASTRAL BACAU DOCSIS NETWORK,
BACAU, BACAU, RO. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 36 44ea4d3c7c
[Firefox:20 hits: 09-26 to 11-06] none[none] none:none
none|none none none

T:04:06:00 Win2K-f 118.218.99.104 (-):
. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
13 lines Yeah : 1.3
profile none summary
tarball 30 of 36 2d146934f1
[Firefox: 3 hits: 09-26 to 11-06] none[none] none:none
none|none none none

04:06:00 WinXP 92.115.14.13 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
EU:kidos-bank.ru
**:color-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 36 of 36 d58b628157
NEW none[none] none:none
none|none none none

04:10:00 WinXP 58.238.249.224 (-):
THRUNET-INFRA-BUSAN17,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 db5e8959fe
NEW none[none] none:none
none|none none none

T:04:14:00 WinXP 58.122.122.184 (HANANET.NET):
HANARO TELECOM INC,
KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 36 000e599b02
NEW none[none] none:none
none|none none none

04:15:00 WinXP 125.190.34.197 (-):
POW-HFC-DAEGU-04,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

04:21:00 WinXP 221.126.226.249 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 21 of 36 b724b621a2
[Firefox: 9 hits: 10-26 to 11-06] none[none] none:none
none|none none none

04:28:00 Win2K-f 61.230.98.170 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 3793a35bfc
NEW none[none] none:none
none|none none none

04:30:00 Win2K-f 88.243.100.222 (TTNET.NET.TR):
TT ADSL-ALCATEL DYNAMIC_ACI,
ISTANBUL, ISTANBUL, TR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 34 of 36 ead12a6c02
[Firefox:27 hits: 09-26 to 11-06] none[none] none:none
none|none none none

04:32:00 Win2K-f 218.171.152.72 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 ea38ae2cb2
[Firefox:27 hits: 09-26 to 11-06] none[none] none:none
none|none none none

T:04:34:00 Win2K-f 114.47.237.121 (-):
. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 23 of 36 9d5d0ad83c
[Firefox: 8 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:04:39:00 Win2K-f 87.223.173.60 (DYNAMIC.JAZZTEL.ES):
JAZZ TELECOM S.A,
ES. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 21 of 36 b724b621a2
[Firefox: 9 hits: 10-26 to 11-06] none[none] none:none
none|none none none

T:04:39:00 WinXP 83.212.121.151 (TEIHER.GR):
TECHNOLOGICAL EDUCATIONAL INSTITUTE,
THESSALONIKI, THESSALONIKI, GR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 36 bcae797d03
[Firefox:27 hits: 08-01 to 11-06] none[none] none:none
none|none none none

04:41:00 Win2K-f 123.213.171.215 (-):
HANARO TELECOM,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 a565344646
NEW none[none] none:none
none|none none none

T:04:44:00 WinXP 58.229.154.93 (HANANET.NET):
HANARO TELECOM INC,
KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 36 ea39b7911d
[Firefox:25 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:04:50:00 WinXP 88.169.188.73 (PROXAD.NET):
PROXAD / FREE SAS,
FR. n/a :proxim.ircgalaxy.pl
RU:moscow-advokat.ru
SE:broadway.ny.us.dal.net
NL:diemen.nl.eu.undernet.org
SE:ozbytes.dal.net
SE:ced.dal.net
:gaspode.zanet.org.za
:flanders.be.eu.undernet.org
:caen.fr.eu.undernet.org
AT:graz.at.eu.undernet.org
SE:vancouver.dal.net
:los-angeles.ca.us.undernet.org
US:lia.zanet.net
SE:qis.md.us.dal.net
SE:coins.dal.net
NO:london.uk.eu.undernet.org
:lulea.se.eu.undernet.org 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 34 of 36 a43d9c73a4
NEW none[none] none:none
none|none none none

04:55:00 Win2K-f 118.160.119.248 (-):
. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 cd712316e7
[Firefox: 5 hits: 10-26 to 11-06] none[none] none:none
none|none none none

04:56:00 WinXP 88.169.188.73 (PROXAD.NET):
PROXAD / FREE SAS,
FR. n/a :proxim.ircgalaxy.pl
RU:moscow-advokat.ru
FI:london.uk.eu.undernet.org
AT:graz.at.eu.undernet.org
SE:ced.dal.net
:brussels.be.eu.undernet.org
:washington.dc.us.undernet.org
:caen.fr.eu.undernet.org
SE:vancouver.dal.net
:gaspode.zanet.org.za
SE:broadway.ny.us.dal.net
SE:ozbytes.dal.net
SE:qis.md.us.dal.net
US:lia.zanet.net
:lulea.se.eu.undernet.org
SE:viking.dal.net
SE:coins.dal.net
NL:diemen.nl.eu.undernet.org
:los-angeles.ca.us.undernet.org
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 34 of 36 a43d9c73a4
NEW none[none] none:none
none|none none none

04:57:00 WinXP 218.171.115.65 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 36 13b148296b
[Firefox:22 hits: 09-26 to 11-06] none[none] none:none
none|none none none

T:05:04:00 WinXP 78.155.161.117 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 32 of 36 99797e2b75
[Firefox:16 hits: 09-26 to 11-06] none[none] none:none
none|none none none

05:05:00 Win2K-f 218.191.129.69 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 25 of 36 114d93b412
[Firefox: 7 hits: 10-22 to 11-06] none[none] none:none
none|none none none

T:05:05:00 Win2K-f 211.244.200.150 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none af222ae6db
[Firefox:17 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:05:09:00 WinXP 211.109.32.105 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
13 lines Yeah : 1.3
profile none summary
tarball 26 of 35 50649fc087
[Firefox:26 hits: 07-29 to 11-06] none[none] none:none
none|none none none

05:11:00 Win2K-f 119.149.44.102 (-):
. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 30 of 36 000e599b02
NEW none[none] none:none
none|none none none

T:05:11:00 WinXP 114.47.70.148 (-):
. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 29 of 36 ea38ae2cb2
[Firefox:27 hits: 09-26 to 11-06] none[none] none:none
none|none none none

05:15:00 WinXP 118.174.159.4 (-):
. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 31 of 36 16fe4d40d8
[Firefox: 2 hits: 10-29 to 10-29] none[none] none:none
none|none none none

05:19:00 Win2K-f 218.191.177.207 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 27 of 36 5865999b46
NEW none[none] none:none
none|none none none

05:21:00 Win2K-f 211.109.214.95 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 26 of 35 50649fc087
[Firefox:26 hits: 07-29 to 11-06] none[none] none:none
none|none none none

05:21:00 WinXP 211.206.217.243 (HANANET.NET):
HANARO TELECOM INC,
KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 23 of 36 39f58064b9
NEW none[none] none:none
none|none none none

T:05:24:00 Win2K-f 61.125.102.28 (ZAQ.NE.JP):
J-COM KANSAI CO. LTD,
TOKYO, TOKYO, JP. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset irc
6 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:05:25:00 Win2K-f 88.244.154.175 (TTNET.NET.TR):
TT ADSL-ALCATEL DYNAMIC_ACI,
IZMIR, IZMIR, TR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 35 of 36 1d988e57e4
[Firefox:21 hits: 09-26 to 11-06] none[none] none:none
none|none none none

T:05:26:00 WinXP 210.3.187.69 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 24 of 36 6f395bea1d
NEW none[none] none:none
none|none none none

T:05:32:00 Win2K-f 119.94.252.189 (-):
. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 33 of 36 d9482a428d
NEW none[none] none:none
none|none none none

T:05:34:00 WinXP 122.30.102.36 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 29 of 29 831f4ee0a7
[Firefox:664 hits: 01-01 to 11-06] eb7546c600 [0] ASM:Graph
none|none lines=61 trace

T:05:35:00 WinXP 218.233.104.117 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 a0866eeee3
NEW none[none] none:none
none|none none none

T:05:39:00 WinXP 218.48.9.23 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 c11dc10595
NEW none[none] none:none
none|none none none

05:41:00 WinXP 220.138.48.120 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a 139 pcap raw alerts
ruleset ftp
11 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

05:43:00 Win2K-f 211.200.17.198 (-):
HANANET-LLINE-DASAN,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 21 of 36 d73bdf4a0e
[Firefox:12 hits: 10-27 to 11-06] none[none] none:none
none|none none none

05:45:00 Win2K-f 90.35.176.26 (ABO.WANADOO.FR):
IP2000-ADSL-BAS,
FR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.3
profile none summary
tarball 30 of 35 d142a982d2
[Firefox:31 hits: 08-15 to 11-06] none[none] none:none
none|none none none

05:51:00 Win2K-f 203.235.71.139 (KRLINE.NET):
KRNIC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 cfbab2af66
NEW none[none] none:none
none|none none none

05:57:00 WinXP 58.229.154.93 (HANANET.NET):
HANARO TELECOM INC,
KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 31 of 36 ea39b7911d
[Firefox:25 hits: 08-15 to 11-06] none[none] none:none
none|none none none

06:04:00 Win2K-f 119.65.76.52 (-):
. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

06:05:00 WinXP 218.191.92.37 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 36 9d31d168bd
[Firefox:13 hits: 10-20 to 11-06] none[none] none:none
none|none none none

06:05:00 WinXP 220.230.145.231 (-):
CJCABLENETJUNGBUSAN3,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 49ccdb35f1
NEW none[none] none:none
none|none none none

T:06:06:00 WinXP 211.187.189.137 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 25 of 35 1be9d03a2b
[Firefox:31 hits: 07-29 to 11-06] none[none] none:none
none|none none none

06:12:00 WinXP 86.106.51.50 (UPCNET.RO):
SC UPC ROMANIA SA,
CLUJ-NAPOCA, CLUJ, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
27 lines Yeah : 1.3
profile none summary
tarball 33 of 36 e5dab5f4ec
[Firefox:18 hits: 09-26 to 11-06] none[none] none:none
none|none none none

06:13:00 Win2K-f 58.127.48.58 (HANANET.NET):
HANARO TELECOM INC,
KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball none af222ae6db
[Firefox:17 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:06:14:00 WinXP 81.84.215.45 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
LISBON, LISBOA, PT. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
:adult-empire.com
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 35 of 36 0d7e34e329
NEW none[none] none:none
none|none none none

T:06:15:00 Win2K-f 62.141.122.86 (SPB.RU):
OJSC COMBELLGA - ST.PETERBURG,
RU. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 8482e840ab
NEW none[none] none:none
none|none none none

T:06:19:00 WinXP 58.232.191.132 (-):
THRUNET-INFRA-SEOUL13,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 36 21ee7d1a18
NEW none[none] none:none
none|none none none

06:20:00 WinXP 78.96.164.156 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 28 of 36 f561c235d5
[Firefox: 3 hits: 10-28 to 11-06] none[none] none:none
none|none none none

06:21:00 Win2K-f 124.60.41.36 (-):
POWERCOM,
KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 2c93e5f5a6
NEW none[none] none:none
none|none none none

06:25:00 Win2K-f 89.137.151.117 (-):
ASTRAL SUCEAVA DOCSIS NETWORK,
RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 32 of 36 e7801a316b
[Firefox: 4 hits: 10-22 to 10-28] none[none] none:none
none|none none none

T:06:30:00 WinXP 78.139.24.100 (RUBICOM.HU):
RUBICOM,
HU. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 28 of 36 a67f84f2af
[Firefox: 4 hits: 10-27 to 11-05] none[none] none:none
none|none none none

T:06:31:00 Win2K-f 58.127.48.58 (HANANET.NET):
HANARO TELECOM INC,
KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball none af222ae6db
[Firefox:17 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:06:34:00 WinXP 211.201.252.150 (HANANET.NET):
HANARO TELECOM INC,
KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 23 of 36 b3ce57c019
[Firefox:14 hits: 08-15 to 11-06] none[none] none:none
none|none none none

06:35:00 WinXP 85.204.186.191 (UPCNET.RO):
SC UPC ROMANIA SA,
TIMISOARA, TIMIS, RO. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 36 9d31d168bd
[Firefox:13 hits: 10-20 to 11-06] none[none] none:none
none|none none none

T:06:41:00 Win2K-f 82.194.149.250 (SALZBURG-ONLINE.AT):
SALZBURG AG PROVIDES INTERNET-SERVICES,
SALZBURG, SALZBURG, AT. n/a 139 pcap raw alerts
ruleset ftp
9 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:06:42:00 Win2K-f 119.149.105.54 (-):
. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 31 of 36 07595c57c6
NEW none[none] none:none
none|none none none

06:47:00 Win2K-f 88.165.151.241 (PROXAD.NET):
PROXAD / FREE SAS,
FR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 33 of 36 413c9ac28b
[Firefox:15 hits: 09-26 to 11-06] none[none] none:none
none|none none none

T:06:50:00 WinXP 58.226.239.134 (HANANET.NET):
HANARO TELECOM INC,
KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 99797e2b75
[Firefox:16 hits: 09-26 to 11-06] none[none] none:none
none|none none none

06:51:00 WinXP 203.67.40.120 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a :proxim.ircgalaxy.pl
RU:moscow-advokat.ru
:washington.dc.us.undernet.org
SE:vancouver.dal.net
:gaspode.zanet.org.za
:flanders.be.eu.undernet.org
NL:diemen.nl.eu.undernet.org
AT:graz.at.eu.undernet.org
:caen.fr.eu.undernet.org
BE:london.uk.eu.undernet.org
:brussels.be.eu.undernet.org
SE:coins.dal.net
SE:qis.md.us.dal.net
SE:broadway.ny.us.dal.net
:los-angeles.ca.us.undernet.org
:lulea.se.eu.undernet.org
SE:ozbytes.dal.net
SE:ced.dal.net 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 34 of 36 b23ffca78e
[Firefox: 5 hits: 10-24 to 11-06] none[none] none:none
none|none none none

06:55:00 Win2K-f 218.39.69.64 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none af222ae6db
[Firefox:17 hits: 08-15 to 11-06] none[none] none:none
none|none none none

07:04:00 Win2K-f 85.186.123.253 (-):
ASTRAL CONSTANTA RESIDENTIAL,
CONSTANTA, CONSTANTA, RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 32 of 36 cd712316e7
[Firefox: 5 hits: 10-26 to 11-06] none[none] none:none
none|none none none

T:07:04:00 WinXP 203.67.40.120 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a :proxim.ircgalaxy.pl
RU:moscow-advokat.ru
:flanders.be.eu.undernet.org
:lulea.se.eu.undernet.org
AT:graz.at.eu.undernet.org
:los-angeles.ca.us.undernet.org
SE:viking.dal.net
:caen.fr.eu.undernet.org
SE:ozbytes.dal.net
:gaspode.zanet.org.za
NL:diemen.nl.eu.undernet.org
:washington.dc.us.undernet.org
SE:vancouver.dal.net
NL:london.uk.eu.undernet.org
US:lia.zanet.net
:brussels.be.eu.undernet.org
SE:ced.dal.net
SE:broadway.ny.us.dal.net
SE:qis.md.us.dal.net
SE:coins.dal.net
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 b23ffca78e
[Firefox: 5 hits: 10-24 to 11-06] none[none] none:none
none|none none none

07:04:00 Win2K-f 122.43.101.82 (-):
POWERCOMM,
KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

07:06:00 WinXP 83.213.125.80 (CLIENTES.EUSKALTEL.ES):
GLOBAL TELECOMMUNICATION SERVICE PROVIDER,
BILBAO, PAIS VASCO, ES. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 20 of 32 f12583a6d2
[Firefox:121 hits: 07-13 to 11-06] none[none] none:none
none|none none none

07:10:00 WinXP 89.137.161.50 (-):
ASTRAL GIURGIU DOCSIS NETWORK,
RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.3
profile none summary
tarball 34 of 36 a7422033a1
[Firefox: 3 hits: 11-06 to 11-06] none[none] none:none
none|none none none

T:07:24:00 Win2K-f 82.240.150.19 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 34 aa268ff3a9
[Firefox:24 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:07:25:00 WinXP 84.112.57.172 (SURFER.AT):
UPC TELEKABEL,
VIENNA, WIEN, AT. (DSL) 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 28 of 36 c3be2ee601
[Firefox: 9 hits: 10-22 to 11-06] none[none] none:none
none|none none none

07:26:00 WinXP 114.58.104.95 (-):
. 63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 29 of 36 6c03ac6c0b
NEW none[none] none:none
none|none none none

07:28:00 WinXP 124.57.129.89 (-):
POWERCOM,
KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:07:29:00 Win2K-f 124.60.78.130 (-):
POWERCOM,
KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 23 of 36 b3ce57c019
[Firefox:14 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:07:29:00 WinXP 211.33.98.80 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 24 of 35 a94f8fd4c2
[Firefox:17 hits: 07-29 to 11-06] none[none] none:none
none|none none none

07:31:00 Win2K-f 58.239.57.135 (-):
THRUNET-INFRA-BUSAN18,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 30 of 35 d142a982d2
[Firefox:31 hits: 08-15 to 11-06] none[none] none:none
none|none none none

07:32:00 Win2K-f 218.235.177.151 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 a4109efa5b
NEW none[none] none:none
none|none none none

T:07:34:00 WinXP 211.49.211.84 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 22 of 36 1e7f713427
NEW none[none] none:none
none|none none none

07:35:00 WinXP 211.209.213.43 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 34 of 36 ead12a6c02
[Firefox:27 hits: 09-26 to 11-06] none[none] none:none
none|none none none

07:40:00 WinXP 87.121.33.144 (NETERRA.NET):
NETERRAIP,
BG. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
:parex-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 36 of 36 a0012f058f
[Firefox:10 hits: 10-20 to 11-05] none[none] none:none
none|none none none

07:41:00 Win2K-f 78.96.186.245 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 27 of 35 e019377a4f
[Firefox: 4 hits: 10-28 to 11-06] none[none] none:none
none|none none none

T:07:44:00 WinXP 219.254.13.37 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 35 d142a982d2
[Firefox:31 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:07:46:00 Win2K-f 210.3.156.198 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 24 of 36 2d6fee1696
NEW none[none] none:none
none|none none none

T:07:47:00 Win2K-f 89.137.115.45 (-):
ASTRAL CLUJ-NAPOCA DOCSIS NETWORK,
CLUJ-NAPOCA, CLUJ, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 918355cad9
[Firefox:11 hits: 10-26 to 11-06] none[none] none:none
none|none none none

T:07:49:00 Win2K-f 211.210.218.118 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 31 of 34 aa268ff3a9
[Firefox:24 hits: 08-15 to 11-06] none[none] none:none
none|none none none

07:55:00 WinXP 86.212.195.225 (ABO.WANADOO.FR):
IP2000-ADSL-BAS,
PARIS, ILE-DE-FRANCE, FR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 34 of 36 ead12a6c02
[Firefox:27 hits: 09-26 to 11-06] none[none] none:none
none|none none none

07:57:00 WinXP 89.137.22.160 (-):
ASTRAL DEVA DOCSIS,
SIMERIA, HUNEDOARA, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 32 of 36 ca172c3868
[Firefox: 9 hits: 10-22 to 11-06] none[none] none:none
none|none none none

08:01:00 Win2K-f 211.178.208.22 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 24 of 35 a94f8fd4c2
[Firefox:17 hits: 07-29 to 11-06] none[none] none:none
none|none none none

08:04:00 Win2K-f 58.230.57.163 (-):
THRUNET-INFRA-SEOUL01,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 70022553db
[Firefox: 2 hits: 11-05 to 11-06] none[none] none:none
none|none none none

T:08:04:00 Win2K-f 80.96.151.37 (NEXTRA.RO):
SC-NEXTRA TELECOM SRL,
TIMISOARA, TIMIS, RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 34 e362f1c062
[Firefox:32 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:08:05:00 WinXP 80.218.208.37 (HISPEED.CH):
CABLECOMMAIN-NET,
ZURICH, ZURICH, CH. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
EU:kidos-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 21 of 22 8d2ef3175a
[Firefox: 2 hits: 10-29 to 11-03] none[none] none:none
none|none none none

T:08:06:00 WinXP 89.137.244.160 (-):
ASTRAL TIMISOARA DOCSIS NETWORK,
TIMISOARA, TIMIS, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 35 ddb8dcfe6a
[Firefox: 7 hits: 10-22 to 11-06] none[none] none:none
none|none none none

08:10:00 WinXP 65.68.26.197 (SWBELL.NET):
NUCOR YAMETO STEEL,
BLYTHEVILLE, ARKANSAS, US. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 3488f7aa0d
NEW none[none] none:none
none|none none none

T:08:14:00 Win2K-f 218.52.237.160 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 985cebca28
NEW none[none] none:none
none|none none none

08:16:00 Win2K-f 83.143.116.46 (BSN.NO):
BSN NYDALEN STUDENT NETWORK,
NYDALEN, OSLO, NO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none af222ae6db
[Firefox:17 hits: 08-15 to 11-06] none[none] none:none
none|none none none

08:17:00 WinXP 62.1.19.250 (FORTHNET.GR):
FORTHNET-NOC-ATH,
ATHENS, ATTIKI, GR. n/a UA:citi-bank.ru
DE:kidos-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:1455 hits: 12-31 to 11-06] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:08:21:00 WinXP 89.137.58.116 (UPCNET.RO):
ASTRAL-UPC ROMAN,
RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 35 ddb8dcfe6a
[Firefox: 7 hits: 10-22 to 11-06] none[none] none:none
none|none none none

T:08:31:00 WinXP 218.160.176.141 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 35 1be9d03a2b
[Firefox:31 hits: 07-29 to 11-06] none[none] none:none
none|none none none

T:08:32:00 Win2K-f 88.106.239.215 (AS9105.COM):
TISCALI UK LTD,
UK. (DSL) n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 26 of 35 89d021262b
[Firefox:29 hits: 07-29 to 11-06] none[none] none:none
none|none none none

08:36:00 WinXP 80.108.74.12 (SURFER.AT):
UPC TELEKABEL,
VIENNA, WIEN, AT. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 94156f67b0
[Firefox:18 hits: 08-15 to 11-06] none[none] none:none
none|none none none

08:37:00 Win2K-f 79.137.81.67 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a 139 pcap raw alerts
ruleset ftp
10 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

08:40:00 WinXP 89.137.147.110 (-):
ASTRAL MIERCUREA-CIUC DOCSIS NETWORK,
RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 35 ddb8dcfe6a
[Firefox: 7 hits: 10-22 to 11-06] none[none] none:none
none|none none none

T:08:40:00 WinXP 78.131.123.157 (-):
EMKTV DOROG DOCSIS,
HU. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 94156f67b0
[Firefox:18 hits: 08-15 to 11-06] none[none] none:none
none|none none none

08:43:00 Win2K-f 93.88.18.197 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 ead12a6c02
[Firefox:27 hits: 09-26 to 11-06] none[none] none:none
none|none none none

08:43:00 Win2K-f 89.136.57.146 (UPCNET.RO):
ASTRAL UPC PLOIESTI,
PLOIESTI, PRAHOVA, RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 46fd30be5d
NEW none[none] none:none
none|none none none

T:08:45:00 WinXP 61.4.212.40 (-):
CJ CABLENET PUKINCHEON BROADCASTING,
INCHON, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 cc8840e4b7
[Firefox: 5 hits: 10-20 to 11-06] none[none] none:none
none|none none none

T:08:54:00 WinXP 88.163.3.49 (PROXAD.NET):
PROXAD / FREE SAS,
FR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 21 of 36 b724b621a2
[Firefox: 9 hits: 10-26 to 11-06] none[none] none:none
none|none none none

08:56:00 WinXP 83.215.83.214 (SALZBURG-ONLINE.AT):
SALZBURG AG PROVIDES INTERNET-SERVICES,
SALZBURG, SALZBURG, AT. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 21 of 36 b724b621a2
[Firefox: 9 hits: 10-26 to 11-06] none[none] none:none
none|none none none

T:08:58:00 Win2K-f 83.215.83.214 (SALZBURG-ONLINE.AT):
SALZBURG AG PROVIDES INTERNET-SERVICES,
SALZBURG, SALZBURG, AT. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 21 of 36 b724b621a2
[Firefox: 9 hits: 10-26 to 11-06] none[none] none:none
none|none none none

09:01:00 WinXP 90.137.144.214 (SWIP.NET):
SWIPNET,
SE. n/a :proxim.ircgalaxy.pl
RU:moscow-advokat.ru
SE:vancouver.dal.net
US:lia.zanet.net
SE:ozbytes.dal.net
:los-angeles.ca.us.undernet.org
:gaspode.zanet.org.za
SE:broadway.ny.us.dal.net
:flanders.be.eu.undernet.org
SE:qis.md.us.dal.net
SE:coins.dal.net
:washington.dc.us.undernet.org
SE:viking.dal.net
:lulea.se.eu.undernet.org
AT:graz.at.eu.undernet.org
:caen.fr.eu.undernet.org
NO:london.uk.eu.undernet.org
SE:ced.dal.net
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 5eda0ddcb7
NEW none[none] none:none
none|none none none

T:09:03:00 Win2K-f 211.108.31.127 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 26 of 36 347daa99f9
[Firefox: 2 hits: 10-26 to 10-26] none[none] none:none
none|none none none

T:09:03:00 WinXP 86.52.101.148 (REV.STOFANET.DK):
STOFANET-INET-CIDR,
ÅRHUS, ARHUS, DK. (DSL) 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
23 lines Yeah : 1.3
profile none summary
tarball 29 of 34 e362f1c062
[Firefox:32 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:09:04:00 WinXP 90.137.144.214 (SWIP.NET):
SWIPNET,
SE. n/a :proxim.ircgalaxy.pl
RU:moscow-advokat.ru
:brussels.be.eu.undernet.org
NL:london.uk.eu.undernet.org
SE:ced.dal.net
SE:viking.dal.net
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 5eda0ddcb7
NEW none[none] none:none
none|none none none

T:09:11:00 Win2K-f 80.74.168.56 (NEOBEE.NET):
NEOBEE.NET ISP,
CS. n/a 139 pcap raw alerts
ruleset ftp
9 lines Yeah : 0.8
profile none summary
tarball 22 of 36 687468fdfe
NEW none[none] none:none
none|none none none

09:14:00 WinXP 78.131.115.193 (-):
EMKTV HATVAN DOCSIS,
HU. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 29 of 34 e362f1c062
[Firefox:32 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:09:15:00 WinXP 98.140.249.72 (-):
. n/a 135 pcap raw alerts
ruleset other
19 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

09:17:00 Win2K-f 67.204.205.237 (-):
. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 25 of 36 bcae797d03
[Firefox:27 hits: 08-01 to 11-06] none[none] none:none
none|none none none

T:09:19:00 WinXP 78.96.87.144 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 27 of 35 e019377a4f
[Firefox: 4 hits: 10-28 to 11-06] none[none] none:none
none|none none none

09:21:00 Win2K-f 218.191.122.211 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
15 lines Yeah : 1.3
profile none summary
tarball 25 of 36 114d93b412
[Firefox: 7 hits: 10-22 to 11-06] none[none] none:none
none|none none none

09:22:00 Win2K-f 88.163.3.49 (PROXAD.NET):
PROXAD / FREE SAS,
FR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 21 of 36 b724b621a2
[Firefox: 9 hits: 10-26 to 11-06] none[none] none:none
none|none none none

T:09:24:00 Win2K-f 88.186.44.130 (PROXAD.NET):
PROXAD / FREE SAS,
FR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 20 of 32 f12583a6d2
[Firefox:121 hits: 07-13 to 11-06] none[none] none:none
none|none none none

T:09:25:00 WinXP 211.44.172.139 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 68c19ee5f2
NEW none[none] none:none
none|none none none

T:09:29:00 WinXP 200.127.63.29 (NET.AR):
PRIMA S.A,
BUENOS AIRES, BUENOS AIRES, AR. (DSL) 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 36 16fe4d40d8
[Firefox: 2 hits: 10-29 to 10-29] none[none] none:none
none|none none none

09:30:00 WinXP 88.118.79.48 (ZEBRA.LT):
LIETUVOS-TELEKOMAS,
LT. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 36 ea39b7911d
[Firefox:25 hits: 08-15 to 11-06] none[none] none:none
none|none none none

09:31:00 Win2K-f 218.191.131.80 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 30 of 36 9d31d168bd
[Firefox:13 hits: 10-20 to 11-06] none[none] none:none
none|none none none

09:31:00 WinXP 85.121.77.140 (-):
SC-MWS-INTERNATIONAL-SRL,
IASI, IASI, RO. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 36 28b1bbe949
[Firefox:18 hits: 10-20 to 11-06] none[none] none:none
none|none none none

T:09:32:00 Win2K-f 123.111.236.157 (-):
HANARO TELECOM,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 1b62e9d737
NEW none[none] none:none
none|none none none

T:09:34:00 Win2K-f 89.136.25.72 (UPCNET.RO):
ASTRAL-UPC ROMAN,
TIMISOARA, TIMIS, RO. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 76b7a2a0ad
[Firefox: 5 hits: 11-05 to 11-06] none[none] none:none
none|none none none

09:40:00 Win2K-f 89.137.232.213 (-):
ASTRAL BRAILA DOCSIS NETWORK,
RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 32 of 36 918355cad9
[Firefox:11 hits: 10-26 to 11-06] none[none] none:none
none|none none none

09:40:00 WinXP 61.4.212.40 (-):
CJ CABLENET PUKINCHEON BROADCASTING,
INCHON, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 cc8840e4b7
[Firefox: 5 hits: 10-20 to 11-06] none[none] none:none
none|none none none

09:50:00 Win2K-f 85.95.199.248 (CALIXO.NET):
VIALIS - REGIE MUNICIPALE DE COLMAR,
FR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 24 of 36 35aeaece3b
NEW none[none] none:none
none|none none none

T:09:51:00 WinXP 86.106.34.75 (UPCNET.RO):
SC UPC ROMANIA SA,
TIMISOARA, TIMIS, RO. (DSL) 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 33 of 36 8e96b2ccbc
[Firefox: 6 hits: 09-26 to 11-06] none[none] none:none
none|none none none

09:55:00 WinXP 115.138.109.104 (-):
. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:09:56:00 WinXP 119.65.76.52 (-):
. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:10:01:00 Win2K-f 88.173.213.137 (PROXAD.NET):
PROXAD / FREE SAS,
FR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 28 of 36 a67f84f2af
[Firefox: 4 hits: 10-27 to 11-05] none[none] none:none
none|none none none

T:10:09:00 WinXP 78.96.241.174 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 36 9d31d168bd
[Firefox:13 hits: 10-20 to 11-06] none[none] none:none
none|none none none

10:16:00 Win2K-f 89.137.58.94 (UPCNET.RO):
ASTRAL-UPC ROMAN,
RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 30 of 35 885d9d9090
NEW none[none] none:none
none|none none none

10:17:00 Win2K-f 78.131.64.12 (-):
EMKTV BUDAPEST VLAN 20 DOCSIS,
BUDAPEST, BUDAPEST, HU. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 30 of 35 d142a982d2
[Firefox:31 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:10:18:00 WinXP 119.154.34.238 (-):
. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 35 of 36 b27d73bfcb
[Firefox:37 hits: 10-10 to 11-06] none[none] none:none
none|none none none

T:10:19:00 WinXP 77.56.194.249 (SOLPA.NET):
CABLECOM,
ZURICH, ZURICH, CH. n/a UA:citi-bank.ru
:adult-empire.com
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 35 of 36 eaa9422755
[Firefox: 8 hits: 10-31 to 11-05] none[none] none:none
none|none none none

10:19:00 Win2K-f 124.57.147.3 (-):
POWERCOM,
KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 20 of 36 fdfe77944c
NEW none[none] none:none
none|none none none

10:20:00 WinXP 88.188.76.229 (PRESTONAUTO.COM):
PROXAD INTERNET SERVICE PROVIDER IN FRANCE,
FR. n/a 139 pcap raw alerts
ruleset ftp
13 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:10:20:00 Win2K-f 85.186.126.238 (ASTRAL.RO):
ASTRAL-BR-AIPA,
RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 31 of 36 28b1bbe949
[Firefox:18 hits: 10-20 to 11-06] none[none] none:none
none|none none none

10:21:00 WinXP 118.98.184.125 (-):
. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
26 lines Yeah : 1.3
profile none summary
tarball 29 of 36 2a6d35e230
NEW none[none] none:none
none|none none none

10:25:00 WinXP 79.172.43.48 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 26 of 35 50649fc087
[Firefox:26 hits: 07-29 to 11-06] none[none] none:none
none|none none none

10:27:00 Win2K-f 219.250.68.140 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 33 of 34 c50e298b27
[Firefox:12 hits: 10-26 to 11-06] none[none] none:none
none|none none none

T:10:30:00 Win2K-f 84.112.220.28 (SWIPNET.SE):
PROVIDER LOCAL REGISTRY,
SE. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 36 bcae797d03
[Firefox:27 hits: 08-01 to 11-06] none[none] none:none
none|none none none

T:10:34:00 WinXP 213.22.134.60 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
BRAGA, BRAGA, PT. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 35 of 36 7fd7475c63
[Firefox:10 hits: 10-29 to 11-06] none[none] none:none
none|none none none

T:10:43:00 Win2K-f 61.252.188.85 (KRLINE.NET):
KRNIC,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 29 of 36 cfbab2af66
NEW none[none] none:none
none|none none none

T:10:44:00 WinXP 90.5.227.100 (ABO.WANADOO.FR):
IP2000-ADSL-BAS,
PARIS, ILE-DE-FRANCE, FR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 35 d142a982d2
[Firefox:31 hits: 08-15 to 11-06] none[none] none:none
none|none none none

10:44:00 Win2K-f 210.3.189.140 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
19 lines Yeah : 1.3
profile none summary
tarball 21 of 36 d73bdf4a0e
[Firefox:12 hits: 10-27 to 11-06] none[none] none:none
none|none none none

T:10:46:00 WinXP 213.188.77.246 (-):
GTS-WAYPORTPARIS,
GENEVA, GENEVA, CH. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 35 of 36 6f1ade2d6b
NEW none[none] none:none
none|none none none

10:49:00 WinXP 83.215.87.51 (SALZBURG-ONLINE.AT):
SALZBURG AG PROVIDES INTERNET-SERVICES,
SALZBURG, SALZBURG, AT. 63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 29 of 36 625144cee4
[Firefox:25 hits: 09-26 to 11-06] none[none] none:none
none|none none none

T:10:55:00 WinXP 70.64.211.70 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
VANCOUVER, BRITISH COLUMBIA, CA. (DSL) n/a RU:moscow-advokat.ru
SE:viking.dal.net
:caen.fr.eu.undernet.org
SE:ozbytes.dal.net
:flanders.be.eu.undernet.org
NL:london.uk.eu.undernet.org
:gaspode.zanet.org.za
:los-angeles.ca.us.undernet.org
:lulea.se.eu.undernet.org
SE:coins.dal.net
SE:qis.md.us.dal.net
NL:diemen.nl.eu.undernet.org
:brussels.be.eu.undernet.org
:washington.dc.us.undernet.org
SE:ced.dal.net
US:lia.zanet.net
SE:vancouver.dal.net
AT:graz.at.eu.undernet.org
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 6d7baa9138
[Firefox: 3 hits: 10-29 to 11-05] none[none] none:none
none|none none none

10:55:00 WinXP 70.64.211.70 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
VANCOUVER, BRITISH COLUMBIA, CA. (DSL) n/a RU:moscow-advokat.ru
SE:vancouver.dal.net
HR:london.uk.eu.undernet.org
US:lia.zanet.net
:washington.dc.us.undernet.org
NL:diemen.nl.eu.undernet.org
:brussels.be.eu.undernet.org
:lulea.se.eu.undernet.org
SE:qis.md.us.dal.net
:gaspode.zanet.org.za
SE:coins.dal.net
:flanders.be.eu.undernet.org
:los-angeles.ca.us.undernet.org
SE:broadway.ny.us.dal.net
SE:ced.dal.net
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 6d7baa9138
[Firefox: 3 hits: 10-29 to 11-05] none[none] none:none
none|none none none

T:10:56:00 Win2K-f 96.48.136.18 (-):
. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 30 of 35 d142a982d2
[Firefox:31 hits: 08-15 to 11-06] none[none] none:none
none|none none none

11:03:00 Win2K-f 80.96.144.219 (-):
SC-GENIUS-NETWORK-SRL,
GALATI, GALATI, RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 29 of 34 e362f1c062
[Firefox:32 hits: 08-15 to 11-06] none[none] none:none
none|none none none

11:03:00 Win2K-f 66.91.214.240 (RR.COM):
ROAD RUNNER HOLDCO LLC,
HONOLULU, HAWAII, US. n/a US:microsoft.com
US:download.microsoft.com 135 pcap raw alerts
ruleset http
111 lines Yeah : 1.3
profile none summary
tarball 32 of 36
0 of 32
34 of 36 8c45399d60
[Firefox: 2 hits: 09-24 to 09-26]
b5919931fe
[Firefox:1073 hits: 06-20 to 11-06]
d9a7255548
[Firefox: 2 hits: 09-24 to 09-26] none[none]
b5919931fe[1]
none [none] none:none
ASM:Graph
none:none
none|none
ASProtect|
none|none none
lines=90
none none
trace
none

11:04:00 WinXP 67.150.14.129 (MDSG-PACWEST.COM):
PAC-WEST MANAGED MODEM NAS POOL,
LOS ANGELES, CALIFORNIA, US. 194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:1455 hits: 12-31 to 11-06] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

11:05:00 WinXP 89.41.70.159 (HOST-89-41-64-10.MOLDTELECOM.MD):
JSC MOLDTELECOM SA,
CHISINAU, CHISINAU, MD. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
DE:kidos-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 34 of 36 10c3e12a46
[Firefox: 7 hits: 11-01 to 11-06] none[none] none:none
none|none none none

T:11:09:00 WinXP 86.52.139.157 (REV.STOFANET.DK):
STOFANET-INET-CIDR,
TAASTRUP, VESTSJALLAND, DK. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 23 of 36 204d7a33ab
NEW none[none] none:none
none|none none none

11:10:00 Win2K-f 83.228.84.52 (FANBG.NET):
BULGARIAN TELECOMMUNICATIONS COMPANY PLC,
BG. 63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.3
profile none summary
tarball 29 of 36 625144cee4
[Firefox:25 hits: 09-26 to 11-06] none[none] none:none
none|none none none

T:11:11:00 WinXP 211.187.189.137 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 35 1be9d03a2b
[Firefox:31 hits: 07-29 to 11-06] none[none] none:none
none|none none none

11:19:00 WinXP 70.68.20.159 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
VANCOUVER, BRITISH COLUMBIA, CA. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
EU:kidos-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 b9876f20f8
NEW none[none] none:none
none|none none none

11:20:00 Win2K-f 88.180.38.15 (PROXAD.NET):
PROXAD / FREE SAS,
FR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 36 9d31d168bd
[Firefox:13 hits: 10-20 to 11-06] none[none] none:none
none|none none none

T:11:21:00 Win2K-f 78.96.226.146 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 28 of 36 f1a2a263ef
[Firefox: 3 hits: 10-20 to 11-06] none[none] none:none
none|none none none

T:11:22:00 Win2K-f 122.124.133.153 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
20 lines Yeah : 1.3
profile none summary
tarball 31 of 34 aa268ff3a9
[Firefox:24 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:11:30:00 WinXP 114.44.123.236 (-):
. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 36 6065b35e20
NEW none[none] none:none
none|none none none

T:11:34:00 WinXP 85.186.64.25 (-):
ASTRAL POIANA BRASOV DOCSIS NETWORK,
BRASOV, BRASOV, RO. (100Mbps) 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 ea38ae2cb2
[Firefox:27 hits: 09-26 to 11-06] none[none] none:none
none|none none none

11:35:00 WinXP 218.191.172.197 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 30 of 36 6b28308388
[Firefox: 6 hits: 11-05 to 11-06] none[none] none:none
none|none none none

11:36:00 WinXP 218.238.180.68 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 33 of 36 17e0d9aa63
[Firefox: 8 hits: 10-22 to 11-06] none[none] none:none
none|none none none

T:11:39:00 Win2K-f 89.137.58.94 (UPCNET.RO):
ASTRAL-UPC ROMAN,
RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 30 of 35 885d9d9090
NEW none[none] none:none
none|none none none

T:11:46:00 WinXP 123.204.143.138 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 b1c85cee4b
[Firefox:13 hits: 10-27 to 11-06] none[none] none:none
none|none none none

11:49:00 Win2K-f 89.122.56.136 (PLATINUMGROUP.RO):
ARTELECOM,
RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 35 ac25ac39b4
[Firefox:11 hits: 10-21 to 11-06] none[none] none:none
none|none none none

T:11:50:00 WinXP 219.241.200.45 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball none af222ae6db
[Firefox:17 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:11:53:00 WinXP 89.36.194.52 (-):
PF CHIRITOI ALEXANDRU,
RO. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 35 of 36 1e3cef226f
[Firefox: 4 hits: 11-04 to 11-06] none[none] none:none
none|none none none

11:56:00 Win2K-f 61.216.113.75 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 20 of 32 f12583a6d2
[Firefox:121 hits: 07-13 to 11-06] none[none] none:none
none|none none none

T:12:03:00 Win2K-f 88.174.33.12 (PROXAD.NET):
PROXAD / FREE SAS,
FR. n/a 139 pcap raw alerts
ruleset ftp
13 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:12:04:00 Win2K-f 121.53.16.36 (-):
DREAMX,
KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 35 of 36 1d988e57e4
[Firefox:21 hits: 09-26 to 11-06] none[none] none:none
none|none none none

T:12:08:00 WinXP 208.94.180.107 (-):
. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 d4eed7b000
[Firefox: 4 hits: 11-03 to 11-06] none[none] none:none
none|none none none

12:09:00 WinXP 116.42.42.109 (-):
LG POWERCOMM,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668 :proxima.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 35 of 36 24ff71f0eb
NEW none[none] none:none
none|none none none

12:09:00 WinXP 208.94.180.107 (-):
. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 d4eed7b000
[Firefox: 4 hits: 11-03 to 11-06] none[none] none:none
none|none none none

12:15:00 WinXP 90.5.227.100 (ABO.WANADOO.FR):
IP2000-ADSL-BAS,
PARIS, ILE-DE-FRANCE, FR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 30 of 35 d142a982d2
[Firefox:31 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:12:16:00 WinXP 85.95.199.248 (CALIXO.NET):
VIALIS - REGIE MUNICIPALE DE COLMAR,
FR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 36 ea38ae2cb2
[Firefox:27 hits: 09-26 to 11-06] none[none] none:none
none|none none none

12:18:00 Win2K-f 211.247.189.46 (-):
DREAMX-CATV-JUNGBUSANCABLE6,
KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 75b372822f
NEW none[none] none:none
none|none none none

T:12:20:00 WinXP 79.70.87.47 (AS9105.COM):
TELINCO,
UK. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 5a38a2e599
[Firefox: 3 hits: 10-28 to 11-06] none[none] none:none
none|none none none

T:12:21:00 Win2K-f 122.43.114.182 (-):
POWERCOMM,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 20 of 36 db28b32e21
NEW none[none] none:none
none|none none none

T:12:21:00 Win2K-f 170.210.60.100 (EDU.AR):
RED DE INTERCONEXION UNIVERSITARIA,
AR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 32 of 36 c5b1d2ec7f
NEW none[none] none:none
none|none none none

12:25:00 WinXP 84.177.248.226 (T-DIALIN.NET):
DEUTSCHE TELEKOM AG,
GELNHAUSEN, HESSEN, DE. (DIAL) n/a 445 pcap raw alerts
ruleset shell
ftp
13 lines Yeah : 0.8
profile none summary
tarball 32 of 32 03f912899b
[Firefox:194 hits: 01-08 to 11-06] 83893bd25d [0] ASM:Graph
none|none lines=65 trace

T:12:27:00 WinXP 94.240.213.171 (-):
. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 36 of 36 f665a37b6c
[Firefox: 7 hits: 10-13 to 11-03] none[none] none:none
none|none none none

T:12:31:00 WinXP 85.29.204.219 (VNET.EE):
VIRUNET,
EE. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 34 aa268ff3a9
[Firefox:24 hits: 08-15 to 11-06] none[none] none:none
none|none none none

12:31:00 Win2K-f 78.131.38.141 (-):
EMKTV BUDAPEST VLAN 06 DOCSIS,
BUDAPEST, BUDAPEST, HU. 63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 30 of 35 d142a982d2
[Firefox:31 hits: 08-15 to 11-06] none[none] none:none
none|none none none

12:35:00 WinXP 76.78.92.54 (APOGEENET.NET):
APOGEE TELECOM INC,
AUSTIN, TEXAS, US. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 509fec2949
NEW none[none] none:none
none|none none none

T:12:37:00 WinXP 96.10.207.159 (-):
. n/a UA:citi-bank.ru
DE:kidos-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 27 of 36 01ee5f87d9
NEW none[none] none:none
none|none none none

12:42:00 WinXP 82.240.180.115 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball none af222ae6db
[Firefox:17 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:12:49:00 WinXP 61.228.134.95 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 34 aa268ff3a9
[Firefox:24 hits: 08-15 to 11-06] none[none] none:none
none|none none none

12:54:00 Win2K-f 24.85.108.136 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
BLAINE, WASHINGTON, US. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 32 of 36 94156f67b0
[Firefox:18 hits: 08-15 to 11-06] none[none] none:none
none|none none none

12:57:00 Win2K-f 83.228.82.100 (FANBG.NET):
BULGARIAN TELECOMMUNICATIONS COMPANY PLC,
BG. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.3
profile none summary
tarball 29 of 36 ea38ae2cb2
[Firefox:27 hits: 09-26 to 11-06] none[none] none:none
none|none none none

T:13:00:00 Win2K-f 80.96.144.219 (-):
SC-GENIUS-NETWORK-SRL,
GALATI, GALATI, RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 34 e362f1c062
[Firefox:32 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:13:02:00 Win2K-f 144.134.31.32 (TMNS.NET.AU):
TELSTRAINTERNET27,
BRISBANE, QUEENSLAND, AU. n/a US:microsoft.com
US:download.microsoft.com
US:204.160.126.126:80
US:4.23.60.126:80 135 pcap raw alerts
ruleset http
60 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32
8 of 33 53bfe15e91
[Firefox:3775 hits: 06-17 to 11-06]
b5919931fe
[Firefox:1073 hits: 06-20 to 11-06]
b7082104e4
[Firefox:255 hits: 06-18 to 11-06] none[4]
b5919931fe[1]
none [4] none:none
ASM:Graph
none:none
tElock|
ASProtect|
tElock| none
lines=90
none trace
trace
trace

13:02:00 WinXP 64.38.73.114 (SPEAKEASY.NET):
US. 194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 34 of 36 45d3b6bd28
[Firefox:10 hits: 10-15 to 11-04] none[none] none:none
none|none none none

T:13:09:00 WinXP 68.189.212.194 (CHARTER.COM):
CHARTER COMMUNICATIONS,
HOUSTON, TEXAS, US. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 35 of 36 289d74b4ce
[Firefox: 3 hits: 11-03 to 11-04] none[none] none:none
none|none none none

T:13:12:00 WinXP 221.124.247.3 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 30 of 36 9d31d168bd
[Firefox:13 hits: 10-20 to 11-06] none[none] none:none
none|none none none

13:13:00 WinXP 85.66.101.123 (BACS-NET.HU):
FIBERNET COMMUNICATION CO,
BUDAPEST, BUDAPEST, HU. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.3
profile none summary
tarball 26 of 36 9f2789e818
NEW none[none] none:none
none|none none none

T:13:18:00 WinXP 93.177.213.20 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a RU:moscow-advokat.ru
:caen.fr.eu.undernet.org
SE:vancouver.dal.net
NO:london.uk.eu.undernet.org
SE:coins.dal.net
SE:ozbytes.dal.net
NL:diemen.nl.eu.undernet.org
:lulea.se.eu.undernet.org
SE:viking.dal.net
SE:ced.dal.net
:brussels.be.eu.undernet.org
SE:qis.md.us.dal.net 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 35 of 36 4e51abcf57
NEW none[none] none:none
none|none none none

13:18:00 Win2K-f 78.131.86.205 (-):
EMKTV BUDAPEST VLAN 11 DOCSIS,
BUDAPEST, BUDAPEST, HU. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 32 of 36 94156f67b0
[Firefox:18 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:13:20:00 WinXP 119.72.2.211 (-):
. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:1455 hits: 12-31 to 11-06] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:13:26:00 WinXP 61.219.67.199 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAOYUAN, T'AI-WAN, TW. n/a US:microsoft.com
US:download.microsoft.com
US:192.221.99.124:80
US:206.33.45.125:80
US:207.123.47.126:80 135 pcap raw alerts
ruleset other
75 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 33 53bfe15e91
[Firefox:3775 hits: 06-17 to 11-06]
57ce4acac2
[Firefox:325 hits: 06-17 to 11-06] none[4]
57ce4acac2[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

13:34:00 Win2K-f 219.241.200.45 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball none af222ae6db
[Firefox:17 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:13:36:00 Win2K-f 4.158.198.61 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
CHICAGO, ILLINOIS, US. (DIAL) n/a US:microsoft.com
US:download.microsoft.com 135 pcap raw alerts
ruleset http
99 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32
0 of 32 53bfe15e91
[Firefox:3775 hits: 06-17 to 11-06]
73f1082158
[Firefox:1878 hits: 06-18 to 11-06]
b5919931fe
[Firefox:1073 hits: 06-20 to 11-06] none[4]
73f1082158[1]
b5919931fe[1] none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect| none
lines=81
lines=90 trace
trace
trace

13:37:00 Win2K-f 85.67.54.198 (-):
FIBERNET,
HU. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 23 of 36 b3ce57c019
[Firefox:14 hits: 08-15 to 11-06] none[none] none:none
none|none none none

13:42:00 WinXP 211.187.191.119 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 29 of 34 e362f1c062
[Firefox:32 hits: 08-15 to 11-06] none[none] none:none
none|none none none

13:42:00 WinXP 41.214.180.44 (-):
. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 34 of 36 10c3e12a46
[Firefox: 7 hits: 11-01 to 11-06] none[none] none:none
none|none none none

13:49:00 WinXP 75.177.21.162 (RR.COM):
ROAD RUNNER HOLDCO LLC,
GREENSBORO, NORTH CAROLINA, US. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:1455 hits: 12-31 to 11-06] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:13:49:00 WinXP 75.177.21.162 (RR.COM):
ROAD RUNNER HOLDCO LLC,
GREENSBORO, NORTH CAROLINA, US. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:1455 hits: 12-31 to 11-06] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

13:52:00 WinXP 211.49.197.101 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 29 of 35 ac25ac39b4
[Firefox:11 hits: 10-21 to 11-06] none[none] none:none
none|none none none

T:13:53:00 WinXP 201.82.10.188 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a RU:moscow-advokat.ru
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 96d089e522
[Firefox:53 hits: 10-08 to 11-06] none[none] none:none
none|none none none

T:13:57:00 Win2K-f 58.233.231.123 (-):
THRUNET-INFRA-SEOUL14,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 36 812025bc54
[Firefox: 7 hits: 10-29 to 11-06] none[none] none:none
none|none none none

13:59:00 Win2K-f 85.67.178.237 (-):
FIBERNET,
HU. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 35 of 36 1d988e57e4
[Firefox:21 hits: 09-26 to 11-06] none[none] none:none
none|none none none

14:04:00 Win2K-f 118.236.244.203 (-):
. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 20 of 32 f12583a6d2
[Firefox:121 hits: 07-13 to 11-06] none[none] none:none
none|none none none

T:14:04:00 Win2K-f 83.143.116.46 (BSN.NO):
BSN NYDALEN STUDENT NETWORK,
NYDALEN, OSLO, NO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball none af222ae6db
[Firefox:17 hits: 08-15 to 11-06] none[none] none:none
none|none none none

14:15:00 Win2K-f 89.137.154.177 (-):
ASTRAL SUCEAVA DOCSIS NETWORK,
RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 35 of 36 c37468ce14
[Firefox: 2 hits: 11-06 to 11-06] none[none] none:none
none|none none none

14:15:00 WinXP 61.228.134.95 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 31 of 34 aa268ff3a9
[Firefox:24 hits: 08-15 to 11-06] none[none] none:none
none|none none none

14:24:00 Win2K-f 211.172.225.151 (KCI.CO.KR):
HANNET-INFRA,
SEOUL, KYONGGI-DO, KR. n/a US:microsoft.com
:proxima.ircgalaxy.pl
US:download.microsoft.com
US:204.160.104.126:80
US:205.128.70.126:80
US:207.123.37.123:80 135 pcap raw alerts
ruleset http
98 lines Yeah : 1.3
profile none summary
tarball 34 of 36
30 of 32
0 of 32 0d740ba866
NEW
8390780c27
[Firefox:42 hits: 06-18 to 11-02]
b5919931fe
[Firefox:1073 hits: 06-20 to 11-06] none[none]
none [4]
b5919931fe[1] none:none
none:none
ASM:Graph
none|none
tElock|
ASProtect| none
none
lines=90 none
trace
trace

14:28:00 WinXP 170.210.60.100 (EDU.AR):
RED DE INTERCONEXION UNIVERSITARIA,
AR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 32 of 36 c5b1d2ec7f
NEW none[none] none:none
none|none none none

T:14:34:00 WinXP 66.166.62.174 (COVAD.NET):
COVAD COMMUNICATIONS CO,
HOUSTON, TEXAS, US. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 25 of 36 7c2b50c774
[Firefox:46 hits: 08-01 to 11-06] none[none] none:none
none|none none none

14:34:00 WinXP 24.207.55.61 (DCCNET.COM):
DELTA DCCNET HIGH SPEED INTERNET,
DELTA, BRITISH COLUMBIA, CA. 194.54.90.246:80 :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
3 lines Yeah : 1.3
profile none summary
tarball 34 of 36 71a8c0f10b
[Firefox: 2 hits: 10-30 to 11-04] none[none] none:none
none|none none none

14:45:00 Win2K-f 78.131.12.32 (-):
EMKTV BUDAPEST VLAN 10 DOCSIS,
BUDAPEST, BUDAPEST, HU. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 25 of 36 bcae797d03
[Firefox:27 hits: 08-01 to 11-06] none[none] none:none
none|none none none

14:54:00 WinXP 58.233.231.123 (-):
THRUNET-INFRA-SEOUL14,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
19 lines Yeah : 1.3
profile none summary
tarball 29 of 36 812025bc54
[Firefox: 7 hits: 10-29 to 11-06] none[none] none:none
none|none none none

T:14:59:00 WinXP 218.211.83.89 (SPARQNET.NET):
NEW CENTURY INFOCOMM TECH. CO. LTD,
TW. n/a 135 pcap raw alerts
ruleset other
19 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

15:00:00 WinXP 62.51.59.153 (AOL.COM):
DSL-CSI-NL,
UK. (DSL) 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 30 of 36 13b148296b
[Firefox:22 hits: 09-26 to 11-06] none[none] none:none
none|none none none

15:03:00 Win2K-f 68.71.67.132 (SPEAKEASY.NET):
US. n/a US:microsoft.com
US:download.microsoft.com 135 pcap raw alerts
ruleset http
76 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32
0 of 32 53bfe15e91
[Firefox:3775 hits: 06-17 to 11-06]
73f1082158
[Firefox:1878 hits: 06-18 to 11-06]
b5919931fe
[Firefox:1073 hits: 06-20 to 11-06] none[4]
73f1082158[1]
b5919931fe[1] none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect| none
lines=81
lines=90 trace
trace
trace

T:15:08:00 WinXP 205.201.122.61 (CLASSICNET.NET):
CEBRIDGE CONNECTIONS,
US. 63.173.172.98:6668 :proxim.ircgalaxy.pl
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 35 of 36 c748cf2b25
NEW none[none] none:none
none|none none none

15:11:00 Win2K-f 82.247.251.233 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 25 of 36 7c2b50c774
[Firefox:46 hits: 08-01 to 11-06] none[none] none:none
none|none none none

15:12:00 WinXP 88.222.136.206 (-):
KAUNAS MEGANET CORE5 NETWORK,
KAUNAS, KAUNO APSKRITIS, LT. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
24 lines Yeah : 1.3
profile none summary
tarball 33 of 36 17e0d9aa63
[Firefox: 8 hits: 10-22 to 11-06] none[none] none:none
none|none none none

T:15:14:00 WinXP 92.112.149.106 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 35 of 36 1e3cef226f
[Firefox: 4 hits: 11-04 to 11-06] none[none] none:none
none|none none none

T:15:26:00 Win2K-f 89.137.154.177 (-):
ASTRAL SUCEAVA DOCSIS NETWORK,
RO. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 35 of 36 c37468ce14
[Firefox: 2 hits: 11-06 to 11-06] none[none] none:none
none|none none none

T:15:35:00 WinXP 125.230.77.191 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 21 of 36 d73bdf4a0e
[Firefox:12 hits: 10-27 to 11-06] none[none] none:none
none|none none none

T:15:39:00 WinXP 217.203.138.153 (-):
TELECOM ITALIA MOBILE,
IT. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 f3f1ed8b36
[Firefox:11 hits: 11-02 to 11-06] none[none] none:none
none|none none none

T:15:40:00 Win2K-f 82.127.163.128 (ABO.WANADOO.FR):
IP2000-ADSL-BAS,
PARIS, ILE-DE-FRANCE, FR. (DSL) n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 25 of 36 bcae797d03
[Firefox:27 hits: 08-01 to 11-06] none[none] none:none
none|none none none

15:40:00 WinXP 219.251.196.29 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:198.78.220.124:80 135 pcap raw alerts
ruleset http
115 lines Yeah : 1.3
profile none summary
tarball 30 of 33
28 of 33 533d15b5ce
[Firefox:40 hits: 06-21 to 11-02]
58c343a8d8
[Firefox:44 hits: 06-21 to 11-02] none[4]
58c343a8d8[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=82 trace
trace

T:15:50:00 Win2K-f 211.247.189.46 (-):
DREAMX-CATV-JUNGBUSANCABLE6,
KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 34 of 36 75b372822f
NEW none[none] none:none
none|none none none

T:15:51:00 WinXP 118.167.115.142 (-):
. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 21 of 33 e286d9e6a9
[Firefox:28 hits: 07-13 to 11-05] none[none] none:none
none|none none none

15:51:00 Win2K-f 220.130.83.3 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:microsoft.com
US:download.microsoft.com 135 pcap raw alerts
ruleset http
96 lines Yeah : 1.3
profile none summary
tarball 0 of 33
29 of 32
0 of 32 57ce4acac2
[Firefox:325 hits: 06-17 to 11-06]
83f26f5044
[Firefox:36 hits: 06-20 to 11-05]
b5919931fe
[Firefox:1073 hits: 06-20 to 11-06] 57ce4acac2 [1]
none [4]
b5919931fe[1] ASM:Graph
none:none
ASM:Graph
Armadillo|
tElock|
ASProtect| lines=81
none
lines=90 trace
trace
trace

T:15:53:00 WinXP 222.254.131.143 (HNPT.COM.VN):
VIETNAM TELECOM NATIONAL,
VN. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 28 of 36 7b5895e921
NEW none[none] none:none
none|none none none

15:58:00 WinXP 219.107.129.149 (MESH.AD.JP):
BIGLOBE-CIDR-BLK,
ATSUGI, KANAGAWA, JP. n/a 445 pcap raw alerts
ruleset shell
ftp
14 lines Yeah : 1.3
profile none summary
tarball 29 of 29 831f4ee0a7
[Firefox:664 hits: 01-01 to 11-06] eb7546c600 [0] ASM:Graph
none|none lines=61 trace

16:00:00 WinXP 24.82.163.21 (SHELLCOMPUTERS.COM):
SHAW COMMUNICATIONS INC,
COQUITLAM, BRITISH COLUMBIA, CA. (DSL) n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 0c390db94d
[Firefox: 4 hits: 10-01 to 11-03] none[none] none:none
none|none none none

T:16:11:00 WinXP 82.240.180.115 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball none af222ae6db
[Firefox:17 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:16:12:00 WinXP 211.49.197.101 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 35 ac25ac39b4
[Firefox:11 hits: 10-21 to 11-06] none[none] none:none
none|none none none

16:13:00 WinXP 68.149.173.42 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
EDMONTON, ALBERTA, CA. (DSL) n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 35 of 36 e05bf8806e
NEW none[none] none:none
none|none none none

16:13:00 WinXP 203.238.49.91 (-):
ENTERPRISENET-MAN-PUSANCATV,
PUSAN, PUSAN-GWANGYOKSI, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
215 lines Yeah : 1.3
profile none summary
tarball 33 of 34 c50e298b27
[Firefox:12 hits: 10-26 to 11-06] none[none] none:none
none|none none none

16:14:00 WinXP 190.17.226.233 (COM.AR):
CABLEVISION S.A,
AR. n/a RU:moscow-advokat.ru
SE:viking.dal.net
SE:ced.dal.net
:los-angeles.ca.us.undernet.org
:flanders.be.eu.undernet.org
SE:broadway.ny.us.dal.net
SE:qis.md.us.dal.net
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 96d089e522
[Firefox:53 hits: 10-08 to 11-06] none[none] none:none
none|none none none

16:16:00 Win2K-f 75.79.45.171 (-):
. n/a US:microsoft.com
US:download.microsoft.com
US:4.23.60.125:80 135 pcap raw alerts
ruleset other
84 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:3775 hits: 06-17 to 11-06]
73f1082158
[Firefox:1878 hits: 06-18 to 11-06] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

T:16:19:00 Win2K-f 211.172.225.151 (KCI.CO.KR):
HANNET-INFRA,
SEOUL, KYONGGI-DO, KR. n/a US:microsoft.com
:proxima.ircgalaxy.pl
US:download.microsoft.com
US:199.93.53.125:80
US:4.23.60.125:80 135 pcap raw alerts
ruleset http
98 lines Yeah : 1.3
profile none summary
tarball 34 of 36
30 of 32
0 of 32 0d740ba866
NEW
8390780c27
[Firefox:42 hits: 06-18 to 11-02]
b5919931fe
[Firefox:1073 hits: 06-20 to 11-06] none[none]
none [4]
b5919931fe[1] none:none
none:none
ASM:Graph
none|none
tElock|
ASProtect| none
none
lines=90 none
trace
trace

16:22:00 Win2K-f 211.200.114.15 (HANANET.NET):
HANARO TELECOM INC,
KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 20 of 36 0db664089d
[Firefox:12 hits: 10-27 to 11-06] none[none] none:none
none|none none none

16:34:00 Win2K-f 212.10.115.163 (REV.STOFANET.DK):
TELIA STOFA A/S,
COPENHAGEN, COPENHAGEN, DK. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 31 of 36 d824441625
NEW none[none] none:none
none|none none none

16:35:00 WinXP 90.137.144.6 (SWIP.NET):
SWIPNET,
SE. n/a :proxim.ircgalaxy.pl
RU:moscow-advokat.ru
AT:graz.at.eu.undernet.org
SE:vancouver.dal.net
:brussels.be.eu.undernet.org
:los-angeles.ca.us.undernet.org
SE:qis.md.us.dal.net
SE:broadway.ny.us.dal.net
:lulea.se.eu.undernet.org
:gaspode.zanet.org.za
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 5eda0ddcb7
NEW none[none] none:none
none|none none none

16:39:00 Win2K-f 216.77.193.163 (BELLSOUTH.NET):
BELLSOUTH.NET INC,
PICAYUNE, MISSISSIPPI, US. n/a US:microsoft.com
US:download.microsoft.com
US:192.221.110.126:80
US:192.221.96.126:80 135 pcap raw alerts
ruleset http
88 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32
0 of 32 53bfe15e91
[Firefox:3775 hits: 06-17 to 11-06]
73f1082158
[Firefox:1878 hits: 06-18 to 11-06]
b5919931fe
[Firefox:1073 hits: 06-20 to 11-06] none[4]
73f1082158[1]
b5919931fe[1] none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect| none
lines=81
lines=90 trace
trace
trace

16:48:00 Win2K-f 124.57.6.210 (-):
POWERCOM,
KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

16:53:00 WinXP 61.216.2.69 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
19 lines Yeah : 1.3
profile none summary
tarball 32 of 36 d715fea030
NEW none[none] none:none
none|none none none

16:57:00 Win2K-f 78.96.248.20 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 32 of 36 a5bbc7d87b
NEW none[none] none:none
none|none none none

16:58:00 WinXP 70.64.133.105 (GASOC.COM):
SHAW COMMUNICATIONS INC,
SASKATOON, SASKATCHEWAN, CA. (DSL) n/a RU:moscow-advokat.ru
AT:graz.at.eu.undernet.org
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 96d089e522
[Firefox:53 hits: 10-08 to 11-06] none[none] none:none
none|none none none

T:17:15:00 Win2K-f 222.234.234.234 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a :proxima.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:192.221.99.126:80
US:198.78.201.126:80
US:205.128.73.126:80 135 pcap raw alerts
ruleset other
97 lines Yeah : 1.3
profile none summary
tarball 31 of 33
31 of 33 b74e792974
[Firefox:15 hits: 06-18 to 10-29]
f0e73c39a8
[Firefox:16 hits: 06-18 to 10-29] b74e792974 [1]
none [4] ASM:Graph
none:none
Armadillo|
tElock| lines=82
none trace
trace

T:17:24:00 WinXP 203.238.49.91 (-):
ENTERPRISENET-MAN-PUSANCATV,
PUSAN, PUSAN-GWANGYOKSI, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 34 of 36 3a322fdf34
[Firefox:16 hits: 09-26 to 11-06] none[none] none:none
none|none none none

17:26:00 Win2K-f 58.234.139.233 (-):
THRUNET-INFRA-SEOUL16,
SEOUL, KYONGGI-DO, KR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 33 of 36 17e0d9aa63
[Firefox: 8 hits: 10-22 to 11-06] none[none] none:none
none|none none none

17:26:00 Win2K-f 82.127.163.128 (ABO.WANADOO.FR):
IP2000-ADSL-BAS,
PARIS, ILE-DE-FRANCE, FR. (DSL) 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 25 of 36 bcae797d03
[Firefox:27 hits: 08-01 to 11-06] none[none] none:none
none|none none none

17:27:00 WinXP 84.75.179.41 (HISPEED.CH):
CABLECOMMAIN-NET,
ZURICH, ZURICH, CH. (DSL) 194.54.90.246:80 :proxim.ircgalaxy.pl
UA:citi-bank.ru 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 34 of 36 2f93a7bc0e
NEW none[none] none:none
none|none none none

T:17:32:00 WinXP 66.65.215.253 (RR.COM):
ROAD RUNNER HOLDCO LLC,
CLIFTON PARK, NEW YORK, US. n/a EU:siliconfireware.ru
US:searchportal.information.com
US:spi.domainsponsor.com 445 pcap raw alerts
ruleset http
http
9 lines Yeah : 0.8
profile none summary
tarball 29 of 29 df17a625ee
[Firefox:303 hits: 01-01 to 11-06] 9bbdd086c5 [0] ASM:Graph
ASPack| lines=186
embedded dns trace

T:17:40:00 WinXP 69.55.136.203 (SOFNET.NET):
SOFNET INC,
MONETT, MISSOURI, US. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 10c3e12a46
[Firefox: 7 hits: 11-01 to 11-06] none[none] none:none
none|none none none

17:40:00 WinXP 125.230.77.191 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 21 of 36 d73bdf4a0e
[Firefox:12 hits: 10-27 to 11-06] none[none] none:none
none|none none none

17:42:00 WinXP 24.76.242.142 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
SURREY, BRITISH COLUMBIA, CA. (DSL) n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 38c149e472
NEW none[none] none:none
none|none none none

T:17:46:00 WinXP 68.151.220.120 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
EDMONTON, ALBERTA, CA. (DSL) n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 9bb68450cd
[Firefox: 3 hits: 10-26 to 11-01] none[none] none:none
none|none none none

T:17:53:00 Win2K-f 4.245.121.215 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
MODESTO, CALIFORNIA, US. (DIAL) n/a 135 pcap raw alerts
ruleset other
52 lines Yeah : 1.3
profile none summary
tarball 0 of 32 73f1082158
[Firefox:1878 hits: 06-18 to 11-06] 73f1082158 [1] ASM:Graph
Armadillo| lines=81 trace

17:56:00 Win2K-f 70.61.108.77 (RR.COM):
ROAD RUNNER HOLDCO LLC,
CHARLOTTE, NORTH CAROLINA, US. n/a US:microsoft.com
US:download.microsoft.com 135 pcap raw alerts
ruleset http
76 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32
0 of 32 53bfe15e91
[Firefox:3775 hits: 06-17 to 11-06]
73f1082158
[Firefox:1878 hits: 06-18 to 11-06]
b5919931fe
[Firefox:1073 hits: 06-20 to 11-06] none[4]
73f1082158[1]
b5919931fe[1] none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect| none
lines=81
lines=90 trace
trace
trace

17:59:00 Win2K-f 121.73.39.56 (TELSTRACLEAR.NET):
TELECOMMUNICATIONS COMPANY,
WELLINGTON, WELLINGTON, NZ. (DSL) n/a US:microsoft.com
US:download.microsoft.com
US:199.93.41.124:80 135 pcap raw alerts
ruleset other
348 lines Yeah : 1.3
profile none summary
tarball 32 of 36
34 of 36 7f89b38665
[Firefox:33 hits: 08-02 to 11-06]
a51a50404e
[Firefox:33 hits: 08-02 to 11-06] none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

T:18:00:00 WinXP 24.76.167.190 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
SURREY, BRITISH COLUMBIA, CA. (DSL) n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 25 of 25 7f60162c2c
[Firefox:841 hits: 12-31 to 11-06] 1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns trace

18:05:00 Win2K-f 63.19.29.109 (UU.NET):
UUNET TECHNOLOGIES INC,
ST. LOUIS, MISSOURI, US. (DIAL) n/a US:microsoft.com
:proxim.ircgalaxy.pl
US:download.microsoft.com
US:199.93.41.126:80
US:199.93.53.125:80
US:207.123.37.126:80 135 pcap raw alerts
ruleset http
104 lines Yeah : 1.3
profile none summary
tarball 31 of 33
28 of 32 4d80398b09
[Firefox: 3 hits: 06-28 to 08-14]
9bc67c754e
[Firefox: 5 hits: 06-28 to 08-27] none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

18:05:00 WinXP 4.158.27.85 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
CHICAGO, ILLINOIS, US. (DIAL) n/a US:microsoft.com
US:download.microsoft.com
US:199.93.41.126:80
US:199.93.53.125:80
US:207.123.37.126:80 135 pcap raw alerts
ruleset other
77 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:3775 hits: 06-17 to 11-06]
73f1082158
[Firefox:1878 hits: 06-18 to 11-06] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

18:07:00 WinXP 96.15.188.126 (-):
. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 34 of 36 e627e22dab
NEW none[none] none:none
none|none none none

T:18:16:00 Win2K-f 124.57.6.210 (-):
POWERCOM,
KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

18:27:00 Win2K-f 72.243.205.59 (-):
SHENTEL CONVERGED SERVICES,
DURHAM, NORTH CAROLINA, US. 63.173.172.98:6668
US:63.173.172.98:6668 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 21 of 36 d73bdf4a0e
[Firefox:12 hits: 10-27 to 11-06] none[none] none:none
none|none none none

T:18:31:00 WinXP 209.127.208.49 (-):
TELSCAPE COMMUNICATIONS INC,
MONROVIA, CALIFORNIA, US. n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com 135 pcap raw alerts
ruleset http
116 lines Yeah : 1.3
profile none summary
tarball 34 of 36
32 of 36 a8c074e136
[Firefox: 7 hits: 08-21 to 11-02]
fc22cbd605
[Firefox: 7 hits: 08-21 to 11-02] none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

T:18:33:00 WinXP 200.222.195.203 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
3 lines Yeah : 0.8
profile none summary
tarball 30 of 32 46fc4228b4
[Firefox: 3 hits: 03-26 to 03-29] c0b43e82de [0] ASM:Graph
PolyEnE| lines=129 trace

18:35:00 Win2K-f 209.250.154.247 (PATHCOM.COM):
PATHWAY COMMUNICATIONS,
TORONTO, ONTARIO, CA. (100Mbps) n/a US:microsoft.com
US:download.microsoft.com 135 pcap raw alerts
ruleset http
116 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32
0 of 32 53bfe15e91
[Firefox:3775 hits: 06-17 to 11-06]
73f1082158
[Firefox:1878 hits: 06-18 to 11-06]
b5919931fe
[Firefox:1073 hits: 06-20 to 11-06] none[4]
73f1082158[1]
b5919931fe[1] none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect| none
lines=81
lines=90 trace
trace
trace

18:36:00 Win2K-f 173.32.247.86 (-):
. n/a US:microsoft.com
US:download.microsoft.com 135 pcap raw alerts
ruleset http
255 lines Yeah : 1.3
profile none summary
tarball 34 of 36
34 of 36
0 of 32 1a2c8ec118
NEW
4c99d35b8a
NEW
b5919931fe
[Firefox:1073 hits: 06-20 to 11-06] none[none]
none [none]
b5919931fe[1] none:none
none:none
ASM:Graph
none|none
none|none
ASProtect| none
none
lines=90 none
none
trace

T:18:36:00 Win2K-f 58.234.139.233 (-):
THRUNET-INFRA-SEOUL16,
SEOUL, KYONGGI-DO, KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 32 of 36 ca172c3868
[Firefox: 9 hits: 10-22 to 11-06] none[none] none:none
none|none none none

18:41:00 Win2K-f 114.200.185.25 (-):
. n/a :proxima.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:192.221.110.126:80
US:192.221.99.124:80
US:205.128.73.126:80 135 pcap raw alerts
ruleset other
97 lines Yeah : 1.3
profile none summary
tarball 31 of 33
31 of 33 168aab35a3
[Firefox:184 hits: 06-17 to 11-03]
667f0c59f3
[Firefox:32 hits: 07-04 to 11-03] none[4]
none [none] none:none
none:none
tElock|
none|none none
none trace
none

T:18:47:00 WinXP 211.18.93.40 (DION.NE.JP):
DION (KDDI CORPORATION),
KOCHI, KOCHI, JP. (DIAL) n/a 445 pcap raw alerts
ruleset shell
ftp
16 lines Yeah : 1.3
profile none summary
tarball 31 of 32 741e3b03b3
[Firefox:533 hits: 01-05 to 11-06] e0197e8a64 [0] ASM:Graph
none|none lines=62 trace

18:50:00 WinXP 209.214.150.112 (BELLSOUTH.NET):
BELLSOUTH.NET INC,
NEW ORLEANS, LOUISIANA, US. n/a DE:siliconfireware.ru
US:searchportal.information.com
:wpad
US:spi.domainsponsor.com
:www.proxy-socks.net
DE:217.11.54.126:80
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
http
http
13 lines Yeah : 0.8
profile none summary
tarball 29 of 29 df17a625ee
[Firefox:303 hits: 01-01 to 11-06] 9bbdd086c5 [0] ASM:Graph
ASPack| lines=186
embedded dns trace

T:19:03:00 WinXP 64.32.116.167 (CODETEL.NET.DO):
VERIZON DOMINICANA,
DO. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 a0139d7ad8
[Firefox:208 hits: 01-03 to 11-06] d9e9662db1 [0] ASM:Graph
PolyEnE| lines=68 trace

T:19:05:00 WinXP 121.84.0.100 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP. n/a 445 pcap raw alerts
ruleset shell
ftp
13 lines Yeah : 0.8
profile none summary
tarball 36 of 36 26b398e92b
NEW none[none] none:none
none|none none none

19:12:00 Win2K-f 4.255.243.119 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
US. (DIAL) n/a 135 pcap raw alerts
ruleset other
154 lines Yeah : 1.3
profile none summary
tarball 0 of 33 a08f3b74a4
[Firefox:1348 hits: 06-18 to 11-06] a08f3b74a4 [1] ASM:Graph
Armadillo| lines=81 trace

T:19:14:00 WinXP 75.79.70.135 (-):
. n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 25 of 25 7f60162c2c
[Firefox:841 hits: 12-31 to 11-06] 1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns trace

19:20:00 Win2K-f 24.92.189.231 (RR.COM):
ROAD RUNNER HOLDCO LLC,
TAMPA, FLORIDA, US. n/a US:microsoft.com
US:download.microsoft.com
US:4.23.60.125:80 135 pcap raw alerts
ruleset http
76 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 33
0 of 32 53bfe15e91
[Firefox:3775 hits: 06-17 to 11-06]
a08f3b74a4
[Firefox:1348 hits: 06-18 to 11-06]
b5919931fe
[Firefox:1073 hits: 06-20 to 11-06] none[4]
a08f3b74a4[1]
b5919931fe[1] none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect| none
lines=81
lines=90 trace
trace
trace

19:23:00 WinXP 211.18.93.40 (DION.NE.JP):
DION (KDDI CORPORATION),
KOCHI, KOCHI, JP. (DIAL) n/a 445 pcap raw alerts
ruleset shell
ftp
16 lines Yeah : 1.3
profile none summary
tarball 31 of 32 741e3b03b3
[Firefox:533 hits: 01-05 to 11-06] e0197e8a64 [0] ASM:Graph
none|none lines=62 trace

T:19:24:00 Win2K-f 65.183.151.137 (BURLINGTONTELECOM.NET):
BURLINGTON TELECOM,
BURLINGTON, VERMONT, US. n/a US:microsoft.com
US:download.microsoft.com
US:205.128.73.126:80
US:206.33.45.125:80 135 pcap raw alerts
ruleset http
111 lines Yeah : 1.3
profile none summary
tarball 34 of 36
0 of 32
32 of 36 27e96e9b13
NEW
b5919931fe
[Firefox:1073 hits: 06-20 to 11-06]
c48edd55a3
NEW none[none]
b5919931fe[1]
none [none] none:none
ASM:Graph
none:none
none|none
ASProtect|
none|none none
lines=90
none none
trace
none

19:40:00 WinXP 64.53.89.23 (COMPORIUM.NET):
ROCK HILL TELEPHONE COMPANY,
ROCK HILL, SOUTH CAROLINA, US. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 36 of 36 f665a37b6c
[Firefox: 7 hits: 10-13 to 11-03] none[none] none:none
none|none none none

T:19:40:00 WinXP 64.53.89.23 (COMPORIUM.NET):
ROCK HILL TELEPHONE COMPANY,
ROCK HILL, SOUTH CAROLINA, US. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 36 of 36 f665a37b6c
[Firefox: 7 hits: 10-13 to 11-03] none[none] none:none
none|none none none

T:19:53:00 WinXP 121.254.122.237 (TCOL.COM.TW):
MONAD DIGITNAMIC CORP,
TW. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 555fd0d0b3
[Firefox: 2 hits: 10-07 to 10-25] none[none] none:none
none|none none none

19:56:00 WinXP 70.72.144.171 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. (DSL) n/a US:microsoft.com
US:download.microsoft.com
US:192.221.110.126:80
US:4.23.60.126:80
US:8.12.222.126:80 135 pcap raw alerts
ruleset other
110 lines Yeah : 1.3
profile none summary
tarball 34 of 36
32 of 36 38eea8f3d5
NEW
4e1abe0fe9
NEW none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

19:58:00 Win2K-f 211.201.166.46 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a US:microsoft.com
:proxima.ircgalaxy.pl
US:download.microsoft.com
US:192.221.110.126:80
US:4.23.60.126:80 135 pcap raw alerts
ruleset http
87 lines Yeah : 1.3
profile none summary
tarball 31 of 33
0 of 33 1509c8d024
[Firefox:42 hits: 06-17 to 11-05]
a08f3b74a4
[Firefox:1348 hits: 06-18 to 11-06] none[4]
a08f3b74a4[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

T:20:07:00 WinXP 117.99.30.97 (XLRI.AC.IN):
BHARTI AIRTEL LTD,
DELHI, DELHI, IN. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 f3f1ed8b36
[Firefox:11 hits: 11-02 to 11-06] none[none] none:none
none|none none none

T:20:08:00 WinXP 90.35.145.102 (ABO.WANADOO.FR):
IP2000-ADSL-BAS,
FR. 63.173.172.98:6667
US:63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 34 e362f1c062
[Firefox:32 hits: 08-15 to 11-06] none[none] none:none
none|none none none

T:20:12:00 Win2K-f 4.158.198.61 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
CHICAGO, ILLINOIS, US. (DIAL) n/a 135 pcap raw alerts
ruleset other
214 lines Yeah : 1.3
profile none summary
tarball 0 of 32 73f1082158
[Firefox:1878 hits: 06-18 to 11-06] 73f1082158 [1] ASM:Graph
Armadillo| lines=81 trace

20:13:00 WinXP 117.99.40.10 (XLRI.AC.IN):
BHARTI AIRTEL LTD,
DELHI, DELHI, IN. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 35 of 36 3253e93719
NEW none[none] none:none
none|none none none

20:27:00 WinXP 209.127.208.49 (-):
TELSCAPE COMMUNICATIONS INC,
MONROVIA, CALIFORNIA, US. n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:199.93.53.125:80
US:205.128.73.126:80 135 pcap raw alerts
ruleset http
150 lines Yeah : 1.3
profile none summary
tarball 34 of 36
0 of 33
32 of 36 a8c074e136
[Firefox: 7 hits: 08-21 to 11-02]
e07c29c4ae
[Firefox:804 hits: 06-19 to 11-06]
fc22cbd605
[Firefox: 7 hits: 08-21 to 11-02] none[none]
e07c29c4ae[1]
none [none] none:none
ASM:Graph
none:none
none|none
FSG|
none|none none
lines=92
none none
trace
none

T:20:31:00 WinXP 219.107.129.149 (MESH.AD.JP):
BIGLOBE-CIDR-BLK,
ATSUGI, KANAGAWA, JP. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 29 of 29 831f4ee0a7
[Firefox:664 hits: 01-01 to 11-06] eb7546c600 [0] ASM:Graph
none|none lines=61 trace

20:31:00 Win2K-f 124.241.183.98 (STARCAT.NE.JP):
KMN CORPORATION,
NAGOYA, AICHI, JP. n/a US:microsoft.com
US:download.microsoft.com 135 pcap raw alerts
ruleset http
76 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 33
0 of 32 53bfe15e91
[Firefox:3775 hits: 06-17 to 11-06]
a08f3b74a4
[Firefox:1348 hits: 06-18 to 11-06]
b5919931fe
[Firefox:1073 hits: 06-20 to 11-06] none[4]
a08f3b74a4[1]
b5919931fe[1] none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect| none
lines=81
lines=90 trace
trace
trace

20:38:00 WinXP 122.19.147.242 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset shell
ftp
13 lines Yeah : 0.8
profile none summary
tarball 29 of 29 831f4ee0a7
[Firefox:664 hits: 01-01 to 11-06] eb7546c600 [0] ASM:Graph
none|none lines=61 trace

T:20:47:00 WinXP 4.228.204.90 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
NAMPA, IDAHO, US. (DIAL) n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 35 of 36 f7b3f7139f
NEW none[none] none:none
none|none none none

T:20:51:00 WinXP 117.99.47.33 (XLRI.AC.IN):
BHARTI AIRTEL LTD,
DELHI, DELHI, IN. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 35 of 36 632e315db2
[Firefox:35 hits: 10-03 to 11-05] none[none] none:none
none|none none none

20:54:00 WinXP 76.181.243.228 (RR.COM):
ROAD RUNNER HOLDCO LLC,
HERNDON, VIRGINIA, US. 194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:1455 hits: 12-31 to 11-06] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:20:54:00 WinXP 76.181.243.228 (RR.COM):
ROAD RUNNER HOLDCO LLC,
HERNDON, VIRGINIA, US. n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:1455 hits: 12-31 to 11-06] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:20:56:00 WinXP 66.50.174.16 (PRTC.NET):
PUERTO RICO TELEPHONE COMPANY,
SAN JUAN, PUERTO RICO, PR. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:1455 hits: 12-31 to 11-06] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

21:03:00 WinXP 72.225.209.3 (RR.COM):
ROAD RUNNER HOLDCO LLC,
MIDDLE VILLAGE, NEW YORK, US. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 29 of 29 1a2c0e6130
[Firefox:519 hits: 12-31 to 11-05] 048df78048 [0] ASM:Graph
none|none lines=61 trace

21:06:00 Win2K-f 209.127.192.35 (-):
TELSCAPE COMMUNICATIONS INC,
TORONTO, OHIO, US. n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:192.221.99.126:80
US:204.160.104.126:80
US:4.23.60.126:80 135 pcap raw alerts
ruleset other
118 lines Yeah : 1.3
profile none summary
tarball 34 of 36
32 of 36 a8c074e136
[Firefox: 7 hits: 08-21 to 11-02]
fc22cbd605
[Firefox: 7 hits: 08-21 to 11-02] none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

T:21:08:00 WinXP 119.154.43.8 (-):
. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 698a0c3503
NEW none[none] none:none
none|none none none

T:21:10:00 WinXP 24.84.122.141 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
LANGLEY, BRITISH COLUMBIA, CA. (DSL) n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 35 of 36 dfbb616361
NEW none[none] none:none
none|none none none

21:19:00 WinXP 213.22.132.76 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
BRAGA, BRAGA, PT. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 c728a4ef6f
NEW none[none] none:none
none|none none none

T:21:19:00 WinXP 213.22.132.76 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
BRAGA, BRAGA, PT. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 c728a4ef6f
NEW none[none] none:none
none|none none none

21:22:00 WinXP 122.26.146.159 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 31 of 32 741e3b03b3
[Firefox:533 hits: 01-05 to 11-06] e0197e8a64 [0] ASM:Graph
none|none lines=62 trace

21:28:00 Win2K-f 89.137.154.177 (-):
ASTRAL SUCEAVA DOCSIS NETWORK,
RO. 63.173.172.98:6667 139 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 35 of 36 c37468ce14
[Firefox: 2 hits: 11-06 to 11-06] none[none] none:none
none|none none none

T:21:45:00 Win2K-f 122.146.242.134 (SPARQNET.NET):
NEW CENTURY INFOCOMM TECH. CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a 135 pcap raw alerts
ruleset other
19 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

21:47:00 WinXP 82.64.35.142 (PROXAD.NET):
PROXAD / FREE SAS,
VERSAILLES, ILE-DE-FRANCE, FR. (DSL) 194.54.90.246:80 :proxim.ircgalaxy.pl
UA:citi-bank.ru 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 34 of 36 b0d4bed1be
NEW none[none] none:none
none|none none none

T:21:47:00 WinXP 82.64.35.142 (PROXAD.NET):
PROXAD / FREE SAS,
VERSAILLES, ILE-DE-FRANCE, FR. (DSL) n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 b0d4bed1be
NEW none[none] none:none
none|none none none

T:21:48:00 WinXP 78.31.59.61 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a RU:moscow-advokat.ru
SE:vancouver.dal.net
:brussels.be.eu.undernet.org
SE:viking.dal.net
SE:broadway.ny.us.dal.net 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 34 of 36 96d089e522
[Firefox:53 hits: 10-08 to 11-06] none[none] none:none
none|none none none

T:22:14:00 WinXP 4.228.213.69 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
LAS VEGAS, NEVADA, US. (DIAL) n/a RU:moscow-advokat.ru
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 25 of 25 7f60162c2c
[Firefox:841 hits: 12-31 to 11-06] 1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns trace

22:21:00 WinXP 124.57.6.210 (-):
POWERCOM,
KR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:22:26:00 WinXP 66.103.120.85 (CTSIOK.NET):
CHICKASAW TELECOMMUNICATIONS SERVICES INC,
STILLWATER, OKLAHOMA, US. (DSL) n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 35 of 36 289d74b4ce
[Firefox: 3 hits: 11-03 to 11-04] none[none] none:none
none|none none none

22:27:00 Win2K-f 211.200.116.21 (HANANET.NET):
HANARO TELECOM INC,
KR. n/a US:microsoft.com
:proxim.ircgalaxy.pl
US:download.microsoft.com
US:204.160.104.126:80
US:207.123.37.126:80
US:4.23.60.126:80 135 pcap raw alerts
ruleset other
105 lines Yeah : 1.3
profile none summary
tarball 30 of 33
2 of 36 2e04b06527
[Firefox:17 hits: 06-18 to 11-04]
514265be41
[Firefox: 6 hits: 09-24 to 11-03] none[4]
none [none] none:none
none:none
tElock|
none|none none
none trace
none

22:29:00 WinXP 117.99.6.13 (XLRI.AC.IN):
BHARTI AIRTEL LTD,
DELHI, DELHI, IN. 194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:1455 hits: 12-31 to 11-06] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

22:34:00 Win2K-f 98.174.0.4 (-):
. n/a 135 pcap raw alerts
ruleset other
54 lines Yeah : 1.3
profile none summary
tarball 0 of 32 73f1082158
[Firefox:1878 hits: 06-18 to 11-06] 73f1082158 [1] ASM:Graph
Armadillo| lines=81 trace

22:35:00 WinXP 130.13.69.64 (QWEST.NET):
QWEST BROADBAND SERVICES INC,
PHOENIX, ARIZONA, US. n/a :proxim.ircgalaxy.pl
RU:moscow-advokat.ru
:caen.fr.eu.undernet.org
:lulea.se.eu.undernet.org
SE:qis.md.us.dal.net
SE:viking.dal.net
SE:ced.dal.net
:los-angeles.ca.us.undernet.org
:gaspode.zanet.org.za
NL:diemen.nl.eu.undernet.org
SE:coins.dal.net
:brussels.be.eu.undernet.org
SE:ozbytes.dal.net
:flanders.be.eu.undernet.org
NO:london.uk.eu.undernet.org
US:lia.zanet.net
SE:vancouver.dal.net
AT:graz.at.eu.undernet.org
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 2231eb8648
[Firefox: 4 hits: 10-31 to 11-06] none[none] none:none
none|none none none

T:22:37:00 Win2K-f 64.250.78.174 (-):
. n/a US:microsoft.com
US:download.microsoft.com
US:204.160.104.126:80 135 pcap raw alerts
ruleset http
145 lines Yeah : 1.3
profile none summary
tarball 32 of 36
34 of 36 632ca807a6
NEW
9c2207ef84
NEW none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

T:22:51:00 WinXP 61.20.175.170 (-):
FAR EASTONE TELECOMMUNICATION CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:1455 hits: 12-31 to 11-06] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

23:00:00 WinXP 130.13.133.252 (QWEST.NET):
QWEST BROADBAND SERVICES INC,
PHOENIX, ARIZONA, US. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:23:01:00 WinXP 130.13.133.252 (QWEST.NET):
QWEST BROADBAND SERVICES INC,
PHOENIX, ARIZONA, US. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

23:21:00 Win2K-f 173.16.65.241 (-):
. n/a US:microsoft.com
US:download.microsoft.com
US:204.160.126.124:80 135 pcap raw alerts
ruleset http
76 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 33 53bfe15e91
[Firefox:3775 hits: 06-17 to 11-06]
a08f3b74a4
[Firefox:1348 hits: 06-18 to 11-06] none[4]
a08f3b74a4[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

23:22:00 WinXP 70.60.10.186 (RR.COM):
ROAD RUNNER HOLDCO LLC,
NASHPORT, OHIO, US. n/a US:microsoft.com
US:download.microsoft.com
US:204.160.126.124:80
US:205.128.70.126:80
US:205.128.73.126:80 135 pcap raw alerts
ruleset other
75 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:3775 hits: 06-17 to 11-06]
73f1082158
[Firefox:1878 hits: 06-18 to 11-06] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

23:25:00 WinXP 61.219.67.199 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAOYUAN, T'AI-WAN, TW. n/a US:microsoft.com
US:download.microsoft.com
US:192.221.110.125:80
US:205.128.70.126:80
US:207.123.37.123:80 135 pcap raw alerts
ruleset other
75 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 33 53bfe15e91
[Firefox:3775 hits: 06-17 to 11-06]
57ce4acac2
[Firefox:325 hits: 06-17 to 11-06] none[4]
57ce4acac2[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

23:29:00 Win2K-f 70.66.65.240 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
NANAIMO, BRITISH COLUMBIA, CA. (DSL) n/a US:microsoft.com
US:download.microsoft.com
US:192.221.110.125:80
US:205.128.70.126:80
US:207.123.37.123:80 135 pcap raw alerts
ruleset other
110 lines Yeah : 1.3
profile none summary
tarball 32 of 36
34 of 36 12e484a198
[Firefox:10 hits: 10-01 to 11-05]
2e43dc0077
[Firefox:12 hits: 10-01 to 11-05] none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

T:23:32:00 WinXP 221.255.29.84 (UCOM.NE.JP):
KT,
JP. (100Mbps) n/a :proxim.ircgalaxy.pl
RU:moscow-advokat.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 265b3cd483
NEW none[none] none:none
none|none none none

T:23:40:00 Win2K-f 64.183.128.27 (RR.COM):
ROAD RUNNER HOLDCO LLC,
HEMET, CALIFORNIA, US. n/a US:microsoft.com
US:download.microsoft.com
US:192.221.96.126:80
US:207.123.47.126:80
US:4.23.60.126:80 135 pcap raw alerts
ruleset other
64 lines Yeah : 1.3
profile none summary
tarball 33 of 33
8 of 33 53bfe15e91
[Firefox:3775 hits: 06-17 to 11-06]
b7082104e4
[Firefox:255 hits: 06-18 to 11-06] none[4]
none [4] none:none
none:none
tElock|
tElock| none
none trace
trace

T:23:48:00 WinXP 98.141.163.233 (-):
. n/a 135 pcap raw alerts
ruleset other
18 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

23:54:00 WinXP 74.214.47.11 (METROCAST.NET):
GMP CABLE TV,
BERWICK, PENNSYLVANIA, US. 194.109.11.65:6556 :0x80.my-secure.name
NL:0x80.my1x1.com
NL:0x80.martiansong.com 135 pcap raw alerts
ruleset other
229 lines Yeah : 1.8
profile none summary
tarball 32 of 33 fe22b8315f
[Firefox:12 hits: 06-19 to 10-25] none[4] none:none
StarForce| none trace

23:54:00 Win2K-f 70.61.180.117 (RR.COM):
ROAD RUNNER HOLDCO LLC,
HEBRON, OHIO, US. n/a US:microsoft.com
US:download.microsoft.com
US:192.221.99.124:80 135 pcap raw alerts
ruleset other
75 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:3775 hits: 06-17 to 11-06]
73f1082158
[Firefox:1878 hits: 06-18 to 11-06] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

23:55:00 WinXP 193.250.196.24 (ABO.WANADOO.FR):
WANADOO FRANCE,
PARIS, ILE-DE-FRANCE, FR. n/a DE:siliconfireware.ru
US:searchportal.information.com
:wpad
GB:new.egg.com
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
http
http
9 lines Yeah : 0.8
profile none summary
tarball 29 of 29 df17a625ee
[Firefox:303 hits: 01-01 to 11-06] 9bbdd086c5 [0] ASM:Graph
ASPack| lines=186
embedded dns trace