Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page


UNCENSORED PAGE



20 November 2008

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.


Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes]
Columns: Time | Victim OS | Infection Source | C&C Server | DNS Lookups & Failed Connects | Infection Port | Packet Trace | Detection Signatures | Infection Chatter | BotHunter Analysis | Behavioral Cluster | Forensic Logs | Antivirus Labels | Packed Malware_Binary | Unpacked egg.exe | Unpacked egg.asm | Packer PEID | Data Strings | Syscall Trace
T:00:06:00 WinXP 83.253.29.18 (COMHEM.SE):
COM HEM CUSTOMER BROADBAND ACCESS,
UPPSALA, UPPSALA, SE.
n/a EU:proxim.ircgalaxy.pl
EU:79.132.211.24:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
34 of 36 ec470f944a
NEW
none[none] none:none
none|none none none
00:17:00 WinXP 203.91.191.141 (STARCAT.NE.JP):
KMN CORPORATION,
NAGOYA, AICHI, JP.
67.43.236.98:1863 CA:xx.enterhere.biz
CA:zonetech.info
CA:alwayssam.com
135 pcap raw alerts
ruleset
irc
http
280 lines
Yeah : 1.8
profile
none summary
tarball
21 of 36
31 of 33
41b9df60db
[Firefox:13 hits: 11-03 to 11-19]
954a98c971
[Firefox:13 hits: 06-09 to 11-19]
none[none]
none [4]
none:none
none:none
none|none
FSG|
none
none
none
trace
00:35:00 WinXP 203.231.0.131 (-):
HANSOLNET-LLINE-DESIGNPARK,
SEOUL, KYONGGI-DO, KR.
79.132.211.24:65520  
EU:79.132.211.24:65520
139 pcap raw alerts
ruleset
irc
19 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
T:01:00:00 Win2K-f 75.36.121.141 (SBCGLOBAL.NET):
IRIS MFG INC,
PLANO, TEXAS, US. (DSL)
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
74 lines
Yeah : 1.3
profile
none summary
tarball
1 of 33
33 of 33
4ca3056804
[Firefox:11 hits: 06-18 to 11-01]
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
4ca3056804 [1]
none [4]
ASM:Graph
none:none
Armadillo|
tElock|
lines=81
none
trace
trace
01:05:00 WinXP 60.35.135.240 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP.
n/a   445 pcap raw alerts
ruleset
shell
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
34 of 35 e604210b1a
[Firefox: 4 hits: 11-13 to 11-19]
none[none] none:none
none|none none none
01:17:00 WinXP 222.147.177.103 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
shell
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
29 of 29 831f4ee0a7
[Firefox:492 hits: 04-01 to 11-19]
eb7546c600 [0] ASM:Graph
none|none lines=61 trace
01:38:00 Win2K-f 219.248.139.236 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR.
79.132.211.24:65520 EU:proxima.ircgalaxy.pl
US:microsoft.com
CN:fleshkatera.cn
CN:lolika.cn
CN:www.upononjob.cn
CN:mulfika.cn
US:do-power-scan.com
:av-pro-2009.com
135 pcap raw alerts
ruleset
irc
http
http
http
287 lines
Yeah : 1.8
profile
none summary
tarball
0 of 32
11 of 36
8 of 36
29 of 32
11 of 36
73f1082158
[Firefox:2021 hits: 06-18 to 11-19]
752d7e4cf2
NEW
8ceee5cf8e
NEW
9d677c3f70
[Firefox: 7 hits: 06-20 to 08-12]
fb8f82fcb3
[Firefox:37 hits: 10-24 to 11-19]
73f1082158 [1]
none [none]
none [none]
none [4]
none [none]
ASM:Graph
none:none
none:none
none:none
none:none
Armadillo|
none|none
none|none
tElock|
none|none
lines=81
none
none
none
none
trace
none
none
trace
none
T:01:42:00 Win2K-f 219.115.208.186 (ZAQ.NE.JP):
TOYONAKA IKEDA CABLENET CO. LTD,
TOYONAKA, OSAKA, JP.
194.109.11.65:6556 NL:0x80.online-software.org 135 pcap raw alerts
ruleset
other
270 lines
Yeah : 1.8
profile
none summary
tarball
36 of 36 0c01728b7e
[Firefox: 4 hits: 08-30 to 09-30]
none[none] none:none
none|none none none
02:00:00 WinXP 211.119.72.250 (BORA.NET):
BORANET-NET,
KR.
79.132.211.24:65520 EU:proxim.ircgalaxy.pl
US:microsoft.com
135 pcap raw alerts
ruleset
irc
239 lines
Yeah : 1.8
profile
none summary
tarball
30 of 34
34 of 36
3060fff5c0
[Firefox: 6 hits: 08-22 to 11-04]
a7d11d75cd
[Firefox: 6 hits: 08-22 to 11-04]
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:02:01:00 WinXP 83.12.132.228 (TPNET.PL):
CUSTOMER-IDSL,
PL. (DSL)
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:1131 hits: 12-31 to 11-19]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
02:09:00 WinXP 64.250.66.63 (-):
.
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
110 lines
Yeah : 1.3
profile
none summary
tarball
32 of 36
34 of 36
632ca807a6
[Firefox: 2 hits: 11-07 to 11-14]
9c2207ef84
[Firefox: 2 hits: 11-07 to 11-14]
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:02:24:00 WinXP 41.214.156.117 (-):
.
n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
36 of 37 f44bfbc34e
NEW
none[none] none:none
none|none none none
02:36:00 Win2K-f 116.122.27.93 (-):
HANARO TELECOM,
SEOUL, KYONGGI-DO, KR.
79.132.211.24:65520 EU:proxim.ircgalaxy.pl
US:microsoft.com
EU:79.132.211.24:65520
135 pcap raw alerts
ruleset
irc
143 lines
Yeah : 1.8
profile
none summary
tarball
30 of 33
30 of 33
69be040d0b
[Firefox:10 hits: 06-21 to 11-12]
81bbbeac34
[Firefox:10 hits: 06-21 to 11-12]
none[4]
81bbbeac34[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=82
trace
trace
T:02:45:00 WinXP 85.122.96.14 (RNC.RO):
RNC,
RO.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 29 c05385e600
[Firefox:24 hits: 05-12 to 11-15]
6a383b021d [0] ASM:Graph
PolyEnE| lines=68 trace
02:56:00 Win2K-f 78.106.173.22 (CORBINA.NET):
INVESTELEKTROSVIAZ LTD,
RU.
79.132.211.24:65520 EU:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
irc
16 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:03:13:00 Win2K-f 70.182.31.42 (COX.NET):
COX COMMUNICATIONS,
SILOAM SPRINGS, ARKANSAS, US.
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
73f1082158
[Firefox:2021 hits: 06-18 to 11-19]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
03:31:00 Win2K-f 76.213.146.60 (SBCGLOBAL.NET):
PPPOX POOL - BRAS2.OKCYOK,
EDMOND, OKLAHOMA, US. (DSL)
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
a08f3b74a4
[Firefox:1457 hits: 06-18 to 11-19]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:03:42:00 WinXP 117.99.56.31 (XLRI.AC.IN):
BHARTI AIRTEL LTD,
DELHI, DELHI, IN.
n/a EU:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
EU:79.132.211.24:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
35 of 36 15093b4cc0
[Firefox:14 hits: 11-09 to 11-19]
none[none] none:none
none|none none none
T:03:43:00 Win2K-f 209.226.100.60 (BELL.CA):
BELL CANADA,
TORONTO, ONTARIO, CA. (DIAL)
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
101 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
a08f3b74a4
[Firefox:1457 hits: 06-18 to 11-19]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
04:01:00 WinXP 211.203.102.124 (HANANET.NET):
HANARO TELECOM INC,
KR.
79.132.211.24:65520 EU:proxim.ircgalaxy.pl
US:microsoft.com
EU:79.132.211.24:65520
135 pcap raw alerts
ruleset
irc
127 lines
Yeah : 1.8
profile
none summary
tarball
30 of 33
28 of 33
533d15b5ce
[Firefox:48 hits: 06-21 to 11-18]
58c343a8d8
[Firefox:52 hits: 06-21 to 11-18]
none[4]
58c343a8d8[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=82
trace
trace
04:19:00 WinXP 213.22.14.237 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
LISBON, LISBOA, PT. (DSL)
194.54.90.246:80 EU:proxim.ircgalaxy.pl
UA:citi-bank.ru
445 pcap raw alerts
ruleset
http
irc
3 lines
Yeah : 1.3
profile
none summary
tarball
34 of 36 0a351b0b88
[Firefox: 3 hits: 11-14 to 11-19]
none[none] none:none
none|none none none
04:28:00 WinXP 115.83.209.11 (-):
.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
35 of 37 d85caa614c
NEW
none[none] none:none
none|none none none
T:04:28:00 WinXP 115.83.209.11 (-):
.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
35 of 37 d85caa614c
NEW
none[none] none:none
none|none none none
04:38:00 WinXP 92.96.53.81 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a   445 pcap raw alerts
ruleset
shell
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
32 of 32 03f912899b
[Firefox:204 hits: 04-16 to 11-19]
83893bd25d [0] ASM:Graph
none|none lines=65 trace
T:04:41:00 WinXP 94.180.201.26 (-):
.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
34 of 36 63f13fe223
[Firefox: 3 hits: 10-28 to 11-15]
none[none] none:none
none|none none none
T:05:22:00 WinXP 70.183.164.236 (COX.NET):
COX COMMUNICATIONS,
WARWICK, RHODE ISLAND, US.
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
73f1082158
[Firefox:2021 hits: 06-18 to 11-19]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
05:30:00 WinXP 85.85.97.87 (CLIENTES.EUSKALTEL.ES):
EUSKALTEL,
ES.
n/a   445 pcap raw alerts
ruleset
shell
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
35 of 36 c227716af1
NEW
none[none] none:none
none|none none none
05:33:00 WinXP 75.138.60.50 (CHARTER.COM):
CHARTER COMMUNICATIONS,
GREENVILLE, SOUTH CAROLINA, US.
194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
34 of 36 a957fc6133
[Firefox: 2 hits: 11-13 to 11-14]
none[none] none:none
none|none none none
T:05:34:00 WinXP 91.152.188.210 (ELISA-LAAJAKAISTA.FI):
ELISA-ADSL,
FI.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
35 of 36 1cc50efd1f
[Firefox: 4 hits: 11-12 to 11-19]
none[none] none:none
none|none none none
05:45:00 Win2K-f 118.218.179.220 (-):
.
79.132.211.24:65520 EU:proxima.ircgalaxy.pl
US:microsoft.com
EU:79.132.211.24:65520
135 pcap raw alerts
ruleset
irc
93 lines
Yeah : 1.8
profile
none summary
tarball
31 of 33
0 of 33
168aab35a3
[Firefox:193 hits: 06-17 to 11-19]
4c3df24b32
[Firefox:251 hits: 06-17 to 11-18]
none[4]
4c3df24b32[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
05:47:00 Win2K-f 24.174.241.236 (RR.COM):
ROAD RUNNER HOLDCO LLC,
LAREDO, TEXAS, US.
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
a08f3b74a4
[Firefox:1457 hits: 06-18 to 11-19]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
05:48:00 WinXP 89.44.31.248 (-):
SC EXPANSION NET SRL,
RO.
194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
36 of 37 018dbe7c7e
NEW
none[none] none:none
none|none none none
T:05:49:00 WinXP 89.44.31.248 (-):
SC EXPANSION NET SRL,
RO.
194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
36 of 37 018dbe7c7e
NEW
none[none] none:none
none|none none none
05:56:00 Win2K-f 70.77.46.42 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
EDMONTON, ALBERTA, CA.
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
224 lines
Yeah : 1.3
profile
none summary
tarball
35 of 37
33 of 37
3c6ddce3c6
NEW
aee0728366
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
06:00:00 WinXP 59.104.255.195 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL)
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
36 of 37 45a69d1f27
NEW
none[none] none:none
none|none none none
06:05:00 WinXP 24.163.92.113 (RR.COM):
ROAD RUNNER HOLDCO LLC,
DURHAM, NORTH CAROLINA, US.
n/a   445 pcap raw alerts
ruleset
shell
ftp
13 lines
Yeah : 1.3
profile
none summary
tarball
31 of 32 741e3b03b3
[Firefox:552 hits: 04-15 to 11-19]
e0197e8a64 [0] ASM:Graph
none|none lines=62 trace
06:08:00 Win2K-f 58.188.78.238 (EONET.NE.JP):
K-OPTICOM CORPORATION,
OSAKA, OSAKA, JP.
79.132.211.24:65520 EU:proxima.ircgalaxy.pl
EU:79.132.211.24:65520
445 pcap raw alerts
ruleset
irc
8 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:06:12:00 WinXP 59.190.17.12 (EONET.NE.JP):
K-OPTICOM CORPORATION,
OSAKA, OSAKA, JP.
n/a   445 pcap raw alerts
ruleset
shell
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
29 of 29 831f4ee0a7
[Firefox:492 hits: 04-01 to 11-19]
eb7546c600 [0] ASM:Graph
none|none lines=61 trace
06:23:00 WinXP 89.41.89.131 (HOST-89-41-64-10.MOLDTELECOM.MD):
JSC MOLDTELECOM SA,
CHISINAU, CHISINAU, MD.
n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
35 of 36 a5fb35c9fd
[Firefox: 3 hits: 11-08 to 11-19]
none[none] none:none
none|none none none
T:06:33:00 WinXP 4.152.198.106 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
RICHMOND, VIRGINIA, US. (DIAL)
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
73f1082158
[Firefox:2021 hits: 06-18 to 11-19]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
06:49:00 Win2K-f 72.66.8.36 (VERIZON.NET):
GAIP INC,
VIENNA, VIRGINIA, US. (100Mbps)
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
73f1082158
[Firefox:2021 hits: 06-18 to 11-19]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:06:52:00 WinXP 117.99.29.151 (XLRI.AC.IN):
BHARTI AIRTEL LTD,
DELHI, DELHI, IN.
n/a EU:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
35 of 36 15093b4cc0
[Firefox:14 hits: 11-09 to 11-19]
none[none] none:none
none|none none none
07:01:00 WinXP 66.103.120.85 (CTSIOK.NET):
CHICKASAW TELECOMMUNICATIONS SERVICES INC,
STILLWATER, OKLAHOMA, US. (DSL)
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
35 of 36 289d74b4ce
[Firefox:18 hits: 11-03 to 11-18]
none[none] none:none
none|none none none
07:08:00 Win2K-f 24.83.235.61 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
ABBOTSFORD, BRITISH COLUMBIA, CA. (DSL)
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
73f1082158
[Firefox:2021 hits: 06-18 to 11-19]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:07:09:00 WinXP 76.244.176.42 (PACBELL.NET):
AT&T INTERNET SERVICES,
US.
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
a08f3b74a4
[Firefox:1457 hits: 06-18 to 11-19]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
07:17:00 WinXP 170.51.170.47 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR.
194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
35 of 36 428ae15458
[Firefox:27 hits: 10-14 to 11-18]
none[none] none:none
none|none none none
07:22:00 WinXP 65.28.21.64 (RR.COM):
ROAD RUNNER HOLDCO LLC,
OVERLAND PARK, KANSAS, US.
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
100 lines
Yeah : 1.3
profile
none summary
tarball
33 of 37
34 of 37
0a686021c7
NEW
8eeb11591f
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:07:22:00 Win2K-f 202.103.134.134 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN.
n/a   135 pcap raw alerts
ruleset
other
2 lines
Argh : 0.3
profile
none summary
tarball
none none none none none none none
07:23:00 WinXP 222.234.234.234 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR.
79.132.211.24:65520 EU:proxima.ircgalaxy.pl
US:microsoft.com
EU:79.132.211.24:65520
135 pcap raw alerts
ruleset
irc
103 lines
Yeah : 1.8
profile
none summary
tarball
31 of 33
31 of 33
b74e792974
[Firefox:18 hits: 06-18 to 11-14]
f0e73c39a8
[Firefox:19 hits: 06-18 to 11-14]
b74e792974 [1]
none [4]
ASM:Graph
none:none
Armadillo|
tElock|
lines=82
none
trace
trace
T:07:24:00 Win2K-f 65.183.143.222 (BURLINGTONTELECOM.NET):
BURLINGTON TELECOM,
BURLINGTON, VERMONT, US.
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
111 lines
Yeah : 1.3
profile
none summary
tarball
33 of 36
31 of 36
9e9244a382
[Firefox: 2 hits: 11-14 to 11-16]
d518b500dd
[Firefox: 2 hits: 11-14 to 11-16]
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:07:24:00 WinXP 24.69.47.72 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
VICTORIA, BRITISH COLUMBIA, CA. (DSL)
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
35 of 37 f362a30ef0
NEW
none[none] none:none
none|none none none
T:07:36:00 WinXP 218.45.108.76 (DSNW.NE.JP):
DS-NETWORKS-CIDR-BLK,
JP.
n/a   445 pcap raw alerts
ruleset
shell
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
31 of 32 741e3b03b3
[Firefox:552 hits: 04-15 to 11-19]
e0197e8a64 [0] ASM:Graph
none|none lines=62 trace
07:37:00 WinXP 93.177.213.20 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a RU:moscow-advokat.ru
:brussels.be.eu.undernet.org
NL:diemen.nl.eu.undernet.org
SE:ced.dal.net
SE:viking.dal.net
:washington.dc.us.undernet.org
SE:ozbytes.dal.net
SE:coins.dal.net
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
35 of 36 4e51abcf57
[Firefox: 2 hits: 11-04 to 11-07]
none[none] none:none
none|none none none
07:47:00 WinXP 213.22.30.97 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
ALMADA, SETUBAL, PT.
194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
29 of 29 a0139d7ad8
[Firefox:187 hits: 04-10 to 11-19]
d9e9662db1 [0] ASM:Graph
PolyEnE| lines=68 trace
T:07:47:00 WinXP 213.22.30.97 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
ALMADA, SETUBAL, PT.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 29 a0139d7ad8
[Firefox:187 hits: 04-10 to 11-19]
d9e9662db1 [0] ASM:Graph
PolyEnE| lines=68 trace
T:07:50:00 WinXP 70.138.24.182 (SBCGLOBAL.NET):
PPPOX POOL - BRAS12.MRDNCT,
SEYMOUR, CONNECTICUT, US. (DSL)
n/a US:www.yahoo.com
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
32 of 32 bb7681eca8
[Firefox:16 hits: 09-26 to 11-13]
none[none] none:none
none|none none none
T:07:54:00 WinXP 221.184.170.226 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
67.43.236.98:5190 :xx.nadnadzz.info
CA:xx.sqlteam.info
CA:zonetech.info
CA:alwayssam.com
445 pcap raw alerts
ruleset
shell
ftp
irc
http
28 lines
Yeah : 1.8
profile
none summary
tarball
21 of 36
15 of 36
34 of 36
41b9df60db
[Firefox:13 hits: 11-03 to 11-19]
cada8d5adf
[Firefox:12 hits: 11-03 to 11-19]
cf860c219a
NEW
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
T:08:00:00 WinXP 89.33.219.55 (BOTOSANI.RO):
JUMP NETWORK SERVICES S.R.L,
RO.
n/a EU:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
EU:79.132.211.24:65520
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
35 of 37 a7cc6e6776
NEW
none[none] none:none
none|none none none
T:08:02:00 Win2K-f 219.251.198.70 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR.
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
79 lines
Yeah : 1.3
profile
none summary
tarball
0 of 33
33 of 33
4c3df24b32
[Firefox:251 hits: 06-17 to 11-18]
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
4c3df24b32 [1]
none [4]
ASM:Graph
none:none
Armadillo|
tElock|
lines=81
none
trace
trace
08:19:00 WinXP 87.58.215.169 (ADSL-DHCP.TELE.DK):
TDC-TELEDANMARK-BREDBAANDSADSL-NET,
DK.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
34 of 36 b1c85cee4b
[Firefox:40 hits: 10-27 to 11-15]
none[none] none:none
none|none none none
T:08:20:00 WinXP 87.58.215.169 (ADSL-DHCP.TELE.DK):
TDC-TELEDANMARK-BREDBAANDSADSL-NET,
DK.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
34 of 36 b1c85cee4b
[Firefox:40 hits: 10-27 to 11-15]
none[none] none:none
none|none none none
08:27:00 WinXP 83.68.65.211 (TNP.PL):
TELENETCENTRUM-NET,
PL.
79.132.211.24:65520 EU:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
http
irc
11 lines
Yeah : 1.3
profile
none summary
tarball
34 of 36 10889f1709
NEW
none[none] none:none
none|none none none
T:08:27:00 WinXP 83.68.65.211 (TNP.PL):
TELENETCENTRUM-NET,
PL.
79.132.211.24:65520 EU:proxim.ircgalaxy.pl
EU:79.132.211.24:65520
445 pcap raw alerts
ruleset
http
irc
3 lines
Yeah : 1.3
profile
none summary
tarball
34 of 36 10889f1709
NEW
none[none] none:none
none|none none none
08:30:00 WinXP 70.138.24.182 (SBCGLOBAL.NET):
PPPOX POOL - BRAS12.MRDNCT,
SEYMOUR, CONNECTICUT, US. (DSL)
n/a US:www.altavista.com
US:www.yahoo.com
:jbeegvia.ru
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
32 of 32 bb7681eca8
[Firefox:16 hits: 09-26 to 11-13]
none[none] none:none
none|none none none
08:51:00 WinXP 82.233.190.212 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
35 of 37 ea3e29047b
NEW
none[none] none:none
none|none none none
09:12:00 WinXP 119.154.73.178 (-):
.
n/a   445 pcap raw alerts
ruleset
shell
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
29 of 29 1a2c0e6130
[Firefox:439 hits: 12-31 to 11-19]
048df78048 [0] ASM:Graph
none|none lines=61 trace
09:40:00 Win2K-f 88.165.87.123 (PROXAD.NET):
PROXAD / FREE SAS,
FR.
n/a   139 pcap raw alerts
ruleset
ftp
12 lines
Yeah : 0.8
profile
none summary
tarball
33 of 36 413c9ac28b
[Firefox:22 hits: 09-26 to 11-19]
none[none] none:none
none|none none none
09:47:00 WinXP 151.118.179.149 (QWEST.NET):
QWEST BROADBAND,
PHOENIX, ARIZONA, US.
79.132.211.24:65520 EU:proxim.ircgalaxy.pl
US:microsoft.com
135 pcap raw alerts
ruleset
irc
141 lines
Yeah : 1.8
profile
none summary
tarball
32 of 33
29 of 32
7f66e51c85
[Firefox:18 hits: 07-11 to 10-25]
9d12fe9d3b
[Firefox:19 hits: 07-11 to 10-25]
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:09:58:00 WinXP 85.138.228.179 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
LISBON, LISBOA, PT.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
35 of 36 a96b94fdb6
NEW
none[none] none:none
none|none none none
09:59:00 WinXP 85.138.228.179 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
LISBON, LISBOA, PT.
194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
35 of 36 a96b94fdb6
NEW
none[none] none:none
none|none none none
10:08:00 Win2K-f 24.170.56.77 (RR.COM):
ROAD RUNNER HOLDCO LLC,
INGLESIDE, TEXAS, US.
n/a   135 pcap raw alerts
ruleset
other
57 lines
Yeah : 1.3
profile
none summary
tarball
0 of 33 a08f3b74a4
[Firefox:1457 hits: 06-18 to 11-19]
a08f3b74a4 [1] ASM:Graph
Armadillo| lines=81 trace
T:10:09:00 WinXP 93.105.77.244 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a EU:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
34 of 36 df1392205b
NEW
none[none] none:none
none|none none none
10:29:00 WinXP 195.174.19.137 (KABLONET.COM.TR):
CABLE OPERATOR NETWORK OF TURK TELEKOM,
ISTANBUL, ISTANBUL, TR. (DSL)
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
35 of 36 428ae15458
[Firefox:27 hits: 10-14 to 11-18]
none[none] none:none
none|none none none
T:10:31:00 WinXP 189.123.59.105 (-):
.
n/a EU:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
EU:79.132.211.24:65520
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
33 of 35 e50d19ea22
[Firefox: 9 hits: 10-21 to 11-18]
none[none] none:none
none|none none none
11:00:00 WinXP 68.142.70.101 (68.IN-ADDR.ARPA):
LIMELIGHT NETWORKS INC,
TEMPE, ARIZONA, US.
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
130 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
73f1082158
[Firefox:2021 hits: 06-18 to 11-19]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:11:03:00 WinXP 93.148.202.198 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:1131 hits: 12-31 to 11-19]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
T:11:04:00 WinXP 4.248.221.226 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
WASHINGTON, DISTRICT OF COLUMBIA, US. (DIAL)
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:1131 hits: 12-31 to 11-19]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
T:11:24:00 WinXP 4.255.246.245 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
US. (DIAL)
n/a   135 pcap raw alerts
ruleset
other
4 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:11:29:00 WinXP 85.122.43.144 (RNC.RO):
RNC,
RO.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 29 a0139d7ad8
[Firefox:187 hits: 04-10 to 11-19]
d9e9662db1 [0] ASM:Graph
PolyEnE| lines=68 trace
11:36:00 Win2K-f 210.98.174.18 (BORA.NET):
BORANET-NET,
KR.
79.132.211.24:65520 EU:proxima.ircgalaxy.pl
US:microsoft.com
EU:79.132.211.24:65520
135 pcap raw alerts
ruleset
irc
111 lines
Yeah : 1.8
profile
none summary
tarball
31 of 33
31 of 33
b74e792974
[Firefox:18 hits: 06-18 to 11-14]
f0e73c39a8
[Firefox:19 hits: 06-18 to 11-14]
b74e792974 [1]
none [4]
ASM:Graph
none:none
Armadillo|
tElock|
lines=82
none
trace
trace
T:11:39:00 WinXP 78.159.34.4 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
34 of 35 24e4c28fdb
[Firefox:12 hits: 10-25 to 11-19]
none[none] none:none
none|none none none
11:51:00 Win2K-f 95.28.208.11 (-):
.
79.132.211.24:65520 EU:proxima.ircgalaxy.pl 445 pcap raw alerts
ruleset
irc
12 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:12:08:00 WinXP 72.215.54.126 (COX.NET):
COX COMMUNICATIONS,
ATLANTA, GEORGIA, US.
n/a   135 pcap raw alerts
ruleset
other
2 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:12:18:00 WinXP 86.2.82.48 (NTL.COM):
NTLI,
UK. (DSL)
n/a EU:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
EU:79.132.211.24:65520
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
34 of 36 4a4dd1c72f
NEW
none[none] none:none
none|none none none
12:18:00 WinXP 78.159.88.206 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
33 of 35 93a84a5dba
[Firefox:10 hits: 10-26 to 11-19]
none[none] none:none
none|none none none
T:12:37:00 WinXP 81.197.64.250 (ELISA-LAAJAKAISTA.FI):
ELISA-CABLE,
ESPOO, ETELA-SUOMEN LAANI, FI.
n/a :www.google.com.au
US:www.altavista.com
:jbeegvia.ru
135 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
31 of 32 17028f1eda
[Firefox:62 hits: 04-18 to 11-19]
none[3] none:none
tElock| none trace
12:38:00 WinXP 81.197.64.250 (ELISA-LAAJAKAISTA.FI):
ELISA-CABLE,
ESPOO, ETELA-SUOMEN LAANI, FI.
n/a :www.google.com.au
US:www.altavista.com
:jbeegvia.ru
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
31 of 32 17028f1eda
[Firefox:62 hits: 04-18 to 11-19]
none[3] none:none
tElock| none trace
T:12:46:00 WinXP 124.8.226.75 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
32 of 32 5818023061
[Firefox: 8 hits: 04-01 to 11-19]
a227e5e49d [0] ASM:Graph
PolyEnE| lines=68 trace
T:13:07:00 WinXP 85.86.159.60 (CLIENTES.EUSKALTEL.ES):
EUSKALTEL,
ES.
n/a EU:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
EU:79.132.211.24:65520
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
35 of 36 2afd89521c
[Firefox: 3 hits: 10-31 to 11-05]
none[none] none:none
none|none none none
13:27:00 WinXP 84.184.93.143 (T-DIALIN.NET):
DEUTSCHE TELEKOM AG,
DE. (DIAL)
n/a   445 pcap raw alerts
ruleset
shell
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
31 of 32 741e3b03b3
[Firefox:552 hits: 04-15 to 11-19]
e0197e8a64 [0] ASM:Graph
none|none lines=62 trace
T:13:36:00 WinXP 189.97.199.155 (-):
.
n/a US:www.yahoo.com
US:www.altavista.com
:jbeegvia.ru
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
32 of 32 bb7681eca8
[Firefox:16 hits: 09-26 to 11-13]
none[none] none:none
none|none none none
13:37:00 WinXP 189.97.199.155 (-):
.
n/a US:www.altavista.com
:www.google.com.au
:jbeegvia.ru
135 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
32 of 32 bb7681eca8
[Firefox:16 hits: 09-26 to 11-13]
none[none] none:none
none|none none none
T:13:40:00 WinXP 190.240.48.232 (-):
.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
35 of 36 163daa6b71
[Firefox: 3 hits: 10-26 to 11-19]
none[none] none:none
none|none none none
T:13:47:00 WinXP 72.131.81.202 (RR.COM):
ROAD RUNNER HOLDCO LLC,
BROOKFIELD, WISCONSIN, US.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:1131 hits: 12-31 to 11-19]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
13:49:00 WinXP 85.138.47.67 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
AMADORA, LISBOA, PT.
n/a EU:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
34 of 36 1094c6aece
NEW
none[none] none:none
none|none none none
T:14:06:00 WinXP 81.18.63.153 (NEOBEE.NET):
ADSL POOL,
CS.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
29 of 29 a0139d7ad8
[Firefox:187 hits: 04-10 to 11-19]
d9e9662db1 [0] ASM:Graph
PolyEnE| lines=68 trace
14:06:00 WinXP 66.63.109.32 (GWI.NET):
GREAT WORKS INTERNET,
SHAPLEIGH, MAINE, US.
194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:1131 hits: 12-31 to 11-19]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
T:14:08:00 WinXP 4.155.114.123 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
PITTSBURGH, PENNSYLVANIA, US. (DIAL)
n/a   135 pcap raw alerts
ruleset
other
18 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
14:09:00 WinXP 89.152.7.196 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
LISBON, LISBOA, PT.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
36 of 37 7d2fc28337
NEW
none[none] none:none
none|none none none
T:14:19:00 Win2K-f 4.164.186.194 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
DURANGO, COLORADO, US. (DIAL)
n/a   135 pcap raw alerts
ruleset
other
106 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
73f1082158
[Firefox:2021 hits: 06-18 to 11-19]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
14:22:00 WinXP 190.31.128.232 (NET.AR):
TELECOM ARGENTINA S.A,
BUENOS AIRES, BUENOS AIRES, AR.
194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
36 of 37 3a586cce7d
NEW
none[none] none:none
none|none none none
T:14:22:00 WinXP 190.31.128.232 (NET.AR):
TELECOM ARGENTINA S.A,
BUENOS AIRES, BUENOS AIRES, AR.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
36 of 37 3a586cce7d
NEW
none[none] none:none
none|none none none
14:26:00 WinXP 79.30.205.231 (SRC.ORG):
TELECOM ITALIA NET,
ROME, LAZIO, IT.
n/a   445 pcap raw alerts
ruleset
shell
ftp
13 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:14:27:00 WinXP 200.122.97.138 (NET.AR):
PRIMA S.A,
BUENOS AIRES, BUENOS AIRES, AR. (DSL)
n/a
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
34 of 36 d466be6715
NEW
none[none] none:none
none|none none none
T:14:32:00 WinXP 74.214.38.165 (METROCAST.NET):
GMP CABLE TV,
BERWICK, PENNSYLVANIA, US.
n/a
135 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
31 of 32 17028f1eda
[Firefox:62 hits: 04-18 to 11-19]
none[3] none:none
tElock| none trace
14:45:00 WinXP 72.235.135.103 (HAWAIIANTEL.NET):
HAWAIIAN TELCOM SERVICES COMPANY INC,
HANA, HAWAII, US.
79.132.211.24:65520 EU:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
http
irc
24 lines
Yeah : 1.3
profile
none summary
tarball
35 of 37 25ce229a94
NEW
none[none] none:none
none|none none none
15:03:00 Win2K-f 76.243.226.214 (PACBELL.NET):
AT&T INTERNET SERVICES,
US.
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
a08f3b74a4
[Firefox:1457 hits: 06-18 to 11-19]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:15:07:00 WinXP 170.51.133.99 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR.
n/a EU:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
EU:79.132.211.24:65520
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
34 of 36 9bb68450cd
[Firefox:21 hits: 10-26 to 11-19]
none[none] none:none
none|none none none
15:07:00 WinXP 190.68.63.140 (TELECOM.COM.CO):
COLOMBIA TELECOMUNICACIONES S.A. ESP,
CO.
194.54.90.246:80 EU:proxim.ircgalaxy.pl
UA:citi-bank.ru
445 pcap raw alerts
ruleset
http
irc
4 lines
Yeah : 1.3
profile
none summary
tarball
34 of 36 039c6a4bb7
NEW
none[none] none:none
none|none none none
15:10:00 WinXP 217.203.156.44 (-):
TELECOM ITALIA MOBILE,
IT.
194.54.90.246:80 79.132.211.24:65520 EU:proxim.ircgalaxy.pl
UA:citi-bank.ru
445 pcap raw alerts
ruleset
http
irc
4 lines
Yeah : 1.3
profile
none summary
tarball
35 of 36 4840d5ef28
NEW
none[none] none:none
none|none none none
15:11:00 WinXP 173.16.65.241 (-):
.
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
a08f3b74a4
[Firefox:1457 hits: 06-18 to 11-19]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:15:14:00 Win2K-f 219.115.237.143 (ZAQ.NE.JP):
K CABLE TELEVISION CORPORATION INC,
JP.
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
0 of 32
33 of 33
07fabc79ef
[Firefox:26 hits: 06-19 to 11-12]
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
07fabc79ef [1]
none [4]
ASM:Graph
none:none
Armadillo|
tElock|
lines=81
none
trace
trace
15:17:00 Win2K-f 70.183.236.110 (COX.NET):
COX COMMUNICATIONS,
PENSACOLA, FLORIDA, US.
79.132.211.24:65520 US:microsoft.com
EU:proxim.ircgalaxy.pl
135 pcap raw alerts
ruleset
irc
115 lines
Yeah : 1.8
profile
none summary
tarball
34 of 36
28 of 33
da00a8e7a1
[Firefox:37 hits: 08-05 to 11-18]
f685f8e027
[Firefox:41 hits: 06-18 to 11-18]
none[none]
f685f8e027[1]
none:none
ASM:Graph
none|none
Armadillo|
none
lines=82
none
trace
T:15:33:00 WinXP 211.109.96.220 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
KUNSAN, CHOLLA-BUKTO, KR.
n/a EU:proxima.ircgalaxy.pl
US:microsoft.com
EU:79.132.211.24:65520
135 pcap raw alerts
ruleset
other
97 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33
29 of 32
168aab35a3
[Firefox:193 hits: 06-17 to 11-19]
61426996c3
[Firefox:20 hits: 06-20 to 11-12]
none[4]
61426996c3[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=82
trace
trace
T:15:36:00 WinXP 67.4.151.106 (QWEST.NET):
QWEST COMMUNICATIONS CORPORATION,
MINNEAPOLIS, MINNESOTA, US.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
34 of 36 a957fc6133
[Firefox: 2 hits: 11-13 to 11-14]
none[none] none:none
none|none none none
15:47:00 Win2K-f 24.87.163.116 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
RICHMOND, BRITISH COLUMBIA, CA. (DSL)
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
123 lines
Yeah : 1.3
profile
none summary
tarball
31 of 36
33 of 36
28ce5fc467
[Firefox:10 hits: 09-12 to 11-16]
e7335cb667
[Firefox:10 hits: 09-12 to 11-16]
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:15:49:00 WinXP 87.78.192.121 (NETCOLOGNE.DE):
NETCOLOGNE GMBH,
COLOGNE, NORDRHEIN-WESTFALEN, DE. (DSL)
n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
36 of 37 52e18deb92
NEW
none[none] none:none
none|none none none
T:15:53:00 Win2K-f 4.182.132.131 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
FRESNO, CALIFORNIA, US. (DIAL)
n/a   135 pcap raw alerts
ruleset
other
3 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:16:09:00 WinXP 66.38.40.101 (NCTC.COM):
NORTH CENTRAL TELEPHONE COOPERATIVE,
BOWLING GREEN, KENTUCKY, US.
n/a EU:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
EU:79.132.211.24:65520
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
34 of 37 d921806f7a
NEW
none[none] none:none
none|none none none
16:09:00 Win2K-f 64.130.176.103 (SCRTC.COM):
SOUTH CENTRAL RURAL TELEPHONE CO,
SAN JOSE, CALIFORNIA, US. (DSL)
n/a   135 pcap raw alerts
ruleset
other
397 lines
Yeah : 1.3
profile
none summary
tarball
33 of 37 fbee2cb320
NEW
none[none] none:none
none|none none none
16:18:00 WinXP 71.104.155.165 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
UPLAND, CALIFORNIA, US. (DSL)
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
96 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
a08f3b74a4
[Firefox:1457 hits: 06-18 to 11-19]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
16:20:00 WinXP 116.123.97.121 (-):
HANARO TELECOM,
SEOUL, KYONGGI-DO, KR.
79.132.211.24:65520 EU:proxim.ircgalaxy.pl
US:microsoft.com
135 pcap raw alerts
ruleset
irc
149 lines
Yeah : 1.8
profile
none summary
tarball
34 of 36
31 of 36
2624cc4502
NEW
61357c03eb
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:16:22:00 WinXP 190.48.235.96 (COM.AR):
TELEFONICA DE ARGENTINA,
MAR DEL PLATA, BUENOS AIRES, AR.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
36 of 37 c8f44137a4
NEW
none[none] none:none
none|none none none
T:16:29:00 WinXP 68.146.212.36 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. (DSL)
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
34 of 36 8055e4589d
[Firefox: 2 hits: 11-14 to 11-16]
none[none] none:none
none|none none none
16:39:00 WinXP 190.0.83.7 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO.
n/a RU:moscow-advokat.ru
RU:194.6.222.11:6667
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
35 of 36 1c544ae06d
[Firefox: 5 hits: 09-25 to 11-14]
none[none] none:none
none|none none none
T:16:44:00 WinXP 200.127.228.145 (NET.AR):
PRIMA S.A,
BUENOS AIRES, BUENOS AIRES, AR. (DSL)
n/a   445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
34 of 36 a957fc6133
[Firefox: 2 hits: 11-13 to 11-14]
none[none] none:none
none|none none none
16:54:00 WinXP 116.83.150.66 (OCN.NE.JP):
FUJITSU LIMITED,
JP.
n/a   445 pcap raw alerts
ruleset
shell
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
31 of 32 741e3b03b3
[Firefox:552 hits: 04-15 to 11-19]
e0197e8a64 [0] ASM:Graph
none|none lines=62 trace
T:16:58:00 WinXP 189.97.220.234 (-):
.
n/a US:www.altavista.com
:www.google.com.au
:jbeegvia.ru
135 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
32 of 32 bb7681eca8
[Firefox:16 hits: 09-26 to 11-13]
none[none] none:none
none|none none none
17:04:00 WinXP 76.200.154.108 (SBCGLOBAL.NET):
BRAS44.PLTNCA,
US. (DSL)
n/a   445 pcap raw alerts
ruleset
shell
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
32 of 32 03f912899b
[Firefox:204 hits: 04-16 to 11-19]
83893bd25d [0] ASM:Graph
none|none lines=65 trace
T:17:05:00 WinXP 71.130.22.21 (PACBELL.NET):
WILLIAM MARTINEZ DBA,
PLANO, TEXAS, US. (DSL)
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
a08f3b74a4
[Firefox:1457 hits: 06-18 to 11-19]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
17:07:00 Win2K-f 70.58.164.200 (QWEST.NET):
QWEST COMMUNICATIONS CORPORATION,
BOISE, IDAHO, US.
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
73f1082158
[Firefox:2021 hits: 06-18 to 11-19]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
17:08:00 WinXP 24.85.104.119 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
SURREY, BRITISH COLUMBIA, CA. (DSL)
194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
35 of 37 5a47fce840
NEW
none[none] none:none
none|none none none
17:13:00 WinXP 70.61.108.77 (RR.COM):
ROAD RUNNER HOLDCO LLC,
CHARLOTTE, NORTH CAROLINA, US.
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
76 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
73f1082158
[Firefox:2021 hits: 06-18 to 11-19]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
17:14:00 WinXP 216.19.20.95 (COMMSPEED.NET):
COMMSPEED ARIZONA LLC,
PRESCOTT, ARIZONA, US.
n/a EU:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
EU:79.132.211.24:65520
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
35 of 36 f616c7a23f
NEW
none[none] none:none
none|none none none
T:17:41:00 Win2K-f 4.155.111.190 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
PITTSBURGH, PENNSYLVANIA, US. (DIAL)
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
94 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
73f1082158
[Firefox:2021 hits: 06-18 to 11-19]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
17:52:00 Win2K-f 201.212.167.29 (NET.AR):
PRIMA S.A,
BUENOS AIRES, BUENOS AIRES, AR. (DSL)
n/a US:www.maxmind.com
US:www.getmyip.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
17:53:00 WinXP 24.58.224.150 (RR.COM):
ROAD RUNNER HOLDCO LLC,
WALDEN, NEW YORK, US.
n/a DE:siliconfireware.ru
US:searchportal.information.com
DE:ebookfinaltrash.ru
US:spi.domainsponsor.com
:wpad
GB:new.egg.com
US:208.73.210.121:80
DE:212.227.111.29:80
EU:78.47.200.154:80
445 pcap raw alerts
ruleset
http
http
http
http
http
38 lines
Yeah : 0.8
profile
none summary
tarball
29 of 29 df17a625ee
[Firefox:232 hits: 04-06 to 11-19]
9bbdd086c5 [0] ASM:Graph
ASPack| lines=186
embedded dns
trace
T:18:06:00 WinXP 64.109.36.59 (AMERITECH.NET):
DIAL POOL TNT1-APTNWI,
DE PERE, WISCONSIN, US. (DIAL)
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:1131 hits: 12-31 to 11-19]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
18:09:00 WinXP 4.168.69.109 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
FONTANA, CALIFORNIA, US. (DIAL)
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
76 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:4074 hits: 06-17 to 11-19]
73f1082158
[Firefox:2021 hits: 06-18 to 11-19]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
18:13:00 Win2K-f 217.46.232.68 (BTOPENWORLD.COM):
NAVEED-CHIRAGH,
SLOUGH, ENGLAND, UK. (100Mbps)
n/a US:www.maxmind.com
:getmyip.co.uk
445 pcap raw alerts
ruleset
http
6 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
18:18:00 Win2K-f 190.48.0.165 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR.
n/a US:www.maxmind.com 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:18:18:00 Win2K-f 190.48.0.165 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR.
n/a US:www.maxmind.com
:checkip.dyndns.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
18:24:00 Win2K-f 201.212.157.58 (NET.AR):
PRIMA S.A,
BUENOS AIRES, BUENOS AIRES, AR. (DSL)
n/a US:www.maxmind.com
:getmyip.co.uk
445 pcap raw alerts
ruleset
http
6 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:18:28:00 Win2K-f 4.84.62.149 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
MT. PLEASANT, SOUTH CAROLINA, US. (DIAL)
n/a   135 pcap raw alerts
ruleset
other
120 lines
Yeah : 1.3
profile
none summary
tarball
0 of 32 73f1082158
[Firefox:2021 hits: 06-18 to 11-19]
73f1082158 [1] ASM:Graph
Armadillo| lines=81 trace
18:36:00 Win2K-f 24.161.121.187 (RR.COM):
ROAD RUNNER HOLDCO LLC,
HERNDON, VIRGINIA, US.
n/a US:www.maxmind.com 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
2 of 37
0 of 37
216ec67841
NEW
6f809ffa84
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:18:36:00 Win2K-f 24.161.121.187 (RR.COM):
ROAD RUNNER HOLDCO LLC,
HERNDON, VIRGINIA, US.
n/a US:www.maxmind.com
US:www.getmyip.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
2 of 37
0 of 37
216ec67841
NEW
6f809ffa84
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
18:38:00 Win2K-f 190.17.224.26 (COM.AR):
CABLEVISION S.A,
AR.
n/a US:www.maxmind.com
:checkip.dyndns.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
18:40:00 WinXP 24.174.158.102 (RR.COM):
ROAD RUNNER HOLDCO LLC,
SAN ANTONIO, TEXAS, US. (100Mbps)
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 29 986b59708d
[Firefox:117 hits: 04-07 to 11-18]
8a00217866 [0] ASM:Graph
PolyEnE| lines=57 trace
18:44:00 Win2K-f 64.118.81.91 (4RWEB.COM):
4RWEB INC,
WEST NEW YORK, NEW JERSEY, US.
n/a US:www.maxmind.com
US:checkip.dyndns.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:18:44:00 Win2K-f 64.118.81.91 (4RWEB.COM):
4RWEB INC,
WEST NEW YORK, NEW JERSEY, US.
n/a US:www.maxmind.com
:checkip.dyndns.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:18:44:00 WinXP 220.239.245.63 (OPTUSNET.COM.AU):
OPTUS INTERNET - RETAIL,
SYDNEY, NEW SOUTH WALES, AU.
n/a   135 pcap raw alerts
ruleset
other
468 lines
Yeah : 1.3
profile
none summary
tarball
34 of 37 6c57000ae5
NEW
none[none] none:none
none|none none none
18:46:00 WinXP 60.249.184.152 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a   135 pcap raw alerts
ruleset
other
41 lines
Yeah : 1.3
profile
none summary
tarball
3 of 37 e2aef2545b
NEW
none[none] none:none
none|none none none
T:18:47:00 Win2K-f 190.105.1.75 (-):
.
n/a US:www.maxmind.com
:checkip.dyndns.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:18:57:00 WinXP 76.200.154.108 (SBCGLOBAL.NET):
BRAS44.PLTNCA,
US. (DSL)
n/a   445 pcap raw alerts
ruleset
shell
ftp
16 lines
Yeah : 1.3
profile
none summary
tarball
32 of 32 03f912899b
[Firefox:204 hits: 04-16 to 11-19]
83893bd25d [0] ASM:Graph
none|none lines=65 trace
19:00:00 Win2K-f 190.49.103.107 (COM.AR):
TELEFONICA DE ARGENTINA,
MIRAMAR, BUENOS AIRES, AR. (DSL)
n/a US:www.maxmind.com
US:www.getmyip.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:19:00:00 Win2K-f 190.49.103.107 (COM.AR):
TELEFONICA DE ARGENTINA,
MIRAMAR, BUENOS AIRES, AR. (DSL)
n/a US:www.maxmind.com
US:checkip.dyndns.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
19:01:00 Win2K-f 186.9.54.192 (-):
.
n/a US:www.maxmind.com
US:www.getmyip.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
19:02:00 Win2K-f 190.49.92.48 (COM.AR):
TELEFONICA DE ARGENTINA,
MIRAMAR, BUENOS AIRES, AR. (DSL)
n/a US:www.maxmind.com
:getmyip.co.uk
445 pcap raw alerts
ruleset
http
7 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
0 of 37
3 of 37
31da6d04d1
NEW
c982c0cc3c
NEW
d9cb288f31
NEW
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
T:19:04:00 Win2K-f 85.85.119.29 (CLIENTES.EUSKALTEL.ES):
EUSKALTEL,
ES.
n/a US:www.maxmind.com
US:www.getmyip.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:19:06:00 Win2K-f 200.63.98.34 (TECHTELNET.NET):
AR.
n/a US:www.maxmind.com
:getmyip.co.uk
445 pcap raw alerts
ruleset
http
6 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
19:13:00 Win2K-f 190.18.200.49 (-):
.
n/a US:www.maxmind.com
:getmyip.co.uk
445 pcap raw alerts
ruleset
http
6 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:19:19:00 Win2K-f 190.51.66.69 (COM.AR):
TELEFONICA DE ARGENTINA,
AR.
n/a US:www.maxmind.com
:checkip.dyndns.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
19:23:00 Win2K-f 201.231.111.78 (SRC.ORG):
CABLEVISION S.A,
BUENOS AIRES, BUENOS AIRES, AR. (DSL)
n/a   445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
19:23:00 Win2K-f 200.112.153.58 (NET.AR):
BROADBANDTECH S. A,
AR.
n/a US:www.maxmind.com
US:www.getmyip.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:19:23:00 WinXP 99.191.228.22 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
12 lines
Yeah : 1.3
profile
none summary
tarball
29 of 29 1a2c0e6130
[Firefox:439 hits: 12-31 to 11-19]
048df78048 [0] ASM:Graph
none|none lines=61 trace
T:19:25:00 Win2K-f 201.231.111.78 (SRC.ORG):
CABLEVISION S.A,
BUENOS AIRES, BUENOS AIRES, AR. (DSL)
n/a US:www.maxmind.com
US:www.getmyip.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
2 of 36
0 of 37
4a4d8f51ca
NEW
6f809ffa84
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
19:28:00 Win2K-f 190.49.49.56 (COM.AR):
TELEFONICA DE ARGENTINA,
CIPOLLETTI, NEUQUEN, AR.
n/a US:www.maxmind.com
US:www.getmyip.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:19:30:00 Win2K-f 209.112.189.244 (ACSALASKA.NET):
ALASKA COMMUNICATIONS SYSTEMS GROUP INC,
VALDEZ, ALASKA, US.
n/a US:www.maxmind.com
:checkip.dyndns.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
19:40:00 Win2K-f 190.51.83.110 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR.
n/a US:www.maxmind.com
US:checkip.dyndns.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
19:44:00 Win2K-f 210.55.78.68 (QUICKER.NET.NZ):
WORLD-NET LIMITED,
AUCKLAND, AUCKLAND, NZ. (DSL)
n/a US:www.maxmind.com 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:19:45:00 Win2K-f 186.9.10.140 (-):
.
n/a US:www.maxmind.com
:checkip.dyndns.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:19:47:00 Win2K-f 114.44.104.46 (-):
.
n/a US:www.maxmind.com
US:www.getmyip.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
19:48:00 Win2K-f 114.44.104.46 (-):
.
n/a US:www.maxmind.com
US:www.getmyip.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
19:51:00 Win2K-f 190.51.177.191 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR.
n/a US:www.maxmind.com
:checkip.dyndns.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:19:55:00 Win2K-f 70.70.23.182 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CHILLIWACK, BRITISH COLUMBIA, CA. (DSL)
n/a US:www.maxmind.com
:getmyip.co.uk
445 pcap raw alerts
ruleset
http
6 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
19:56:00 WinXP 76.182.78.235 (RR.COM):
ROAD RUNNER HOLDCO LLC,
HERNDON, VIRGINIA, US.
n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
29 of 29 3ae357d17b
[Firefox:114 hits: 04-04 to 11-14]
462a7be171 [0] ASM:Graph
PolyEnE| lines=73 trace
20:02:00 Win2K-f 190.50.104.95 (COM.AR):
TELEFONICA DE ARGENTINA,
AR.
n/a US:www.maxmind.com
US:checkip.dyndns.org
US:67.15.94.80:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:20:05:00 Win2K-f 190.18.200.220 (-):
.
n/a US:www.maxmind.com
:getmyip.co.uk
445 pcap raw alerts
ruleset
http
6 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
20:08:00 Win2K-f 190.18.200.220 (-):
.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:20:09:00 Win2K-f 190.105.3.154 (-):
.
n/a US:www.maxmind.com
:getmyip.co.uk
445 pcap raw alerts
ruleset
http
6 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:20:11:00 Win2K-f 12.101.179.35 (ATT.NET):
AT&T WORLDNET SERVICES,
NEW YORK, NEW YORK, US. (DSL)
n/a US:www.maxmind.com
:checkip.dyndns.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
20:13:00 Win2K-f 85.84.186.149 (CLIENTES.EUSKALTEL.ES):
GLOBAL TELECOMMUNICATION SERVICE PROVIDER,
BILBAO, PAIS VASCO, ES.
n/a US:www.maxmind.com
US:checkip.dyndns.org
US:67.15.94.80:80
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:20:21:00 Win2K-f 163.121.208.34 (TEDATA.NET):
TE DATA (S.A.E),
LUXOR, QINA, EG.
n/a US:www.maxmind.com
:getmyip.co.uk
US:67.15.94.80:80
445 pcap raw alerts
ruleset
http
5 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
20:22:00 Win2K-f 190.18.192.4 (-):
.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:20:23:00 Win2K-f 186.12.113.44 (-):
.
n/a US:www.maxmind.com
:checkip.dyndns.org
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
20:23:00 Win2K-f 186.12.113.44 (-):
.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:20:28:00 Win2K-f 190.51.38.76 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR.
n/a US:www.maxmind.com
US:www.getmyip.org
US:67.15.94.80:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
20:30:00 Win2K-f 79.110.115.2 (G-M-I.NET):
EU-ZZ,
UK.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
6f809ffa84
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
20:35:00 Win2K-f 200.127.176.243 (NET.AR):
PRIMA S.A,
BUENOS AIRES, BUENOS AIRES, AR. (DSL)
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:20:37:00 Win2K-f 198.64.129.167 (VERIO.NET):
NTT AMERICA INC,
ENGLEWOOD, COLORADO, US.
n/a US:www.maxmind.com
US:checkip.dyndns.org
US:67.15.94.80:80
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
0 of 36
3 of 37
9028d79f7a
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:20:39:00 Win2K-f 87.108.57.45 (ACADEMICA.FI):
ACADEMICA,
FI.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
5 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
20:40:00 Win2K-f 186.9.79.33 (-):
.
n/a   445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
20:42:00 WinXP 24.38.163.166 (SPEAKEASY.NET):
US.
n/a
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
35 of 36 393f45ca33
[Firefox: 2 hits: 10-14 to 11-19]
none[none] none:none
none|none none none
T:20:45:00 Win2K-f 186.9.79.33 (-):
.
n/a US:www.maxmind.com
:getmyip.co.uk
US:67.15.94.80:80
445 pcap raw alerts
ruleset
http
5 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
20:45:00 Win2K-f 200.122.74.30 (NET.AR):
PRIMA S.A,
BUENOS AIRES, BUENOS AIRES, AR. (DSL)
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
20:47:00 WinXP 24.87.139.128 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
SURREY, BRITISH COLUMBIA, CA. (DSL)
n/a US:microsoft.com 135 pcap raw alerts
ruleset
other
111 lines
Yeah : 1.3
profile
none summary
tarball
33 of 36
31 of 35
4bd8e539ab
[Firefox: 2 hits: 11-03 to 11-16]
fb97e82c81
[Firefox: 2 hits: 11-03 to 11-16]
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:20:50:00 Win2K-f 85.85.77.138 (CLIENTES.EUSKALTEL.ES):
EUSKALTEL,
ES.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
5 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:20:55:00 Win2K-f 61.31.135.85 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a US:www.maxmind.com
US:www.getmyip.org
US:67.15.94.80:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:20:56:00 WinXP 72.178.126.19 (RR.COM):
ROAD RUNNER HOLDCO LLC,
HERNDON, VIRGINIA, US.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:1131 hits: 12-31 to 11-19]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
20:59:00 Win2K-f 190.51.191.155 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
0 of 37
3 of 37
9f8588ffb3
NEW
d9cb288f31
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
21:06:00 WinXP 72.178.126.19 (RR.COM):
ROAD RUNNER HOLDCO LLC,
HERNDON, VIRGINIA, US.
194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:1131 hits: 12-31 to 11-19]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
T:21:06:00 Win2K-f 115.42.1.34 (-):
.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
21:10:00 Win2K-f 170.51.33.91 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:21:11:00 Win2K-f 125.65.145.73 (163DATA.COM.CN):
CHINANET SICHUAN PROVINCE NETWORK,
BEIJING, BEIJING, CN.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
21:14:00 Win2K-f 200.49.20.61 (BSR1000.PAPNET.CL):
PLUG AND PLAY NET S.A,
CL.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:67.15.94.80:80
72.249.118.38:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:21:23:00 Win2K-f 198.69.219.11 (AJINTERNET.NET):
A J INTERNET,
ANNA, ILLINOIS, US. (100Mbps)
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
21:24:00 Win2K-f 85.84.151.90 (CLIENTES.EUSKALTEL.ES):
EUSKALTEL,
ES.
n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
21:25:00 Win2K-f 133.43.182.62 (WAKAYAMA-U.AC.JP):
JAPAN NETWORK INFORMATION CENTER,
TOKYO, TOKYO, JP.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:67.15.94.80:80
72.249.118.38:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:21:26:00 Win2K-f 64.73.235.118 (-):
ROBBINS RESEARCH INTERNATIONAL,
SAN DIEGO, CALIFORNIA, US. (100Mbps)
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
21:31:00 Win2K-f 124.123.140.82 (-):
.
n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:67.15.94.80:80
72.249.118.38:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:21:39:00 Win2K-f 202.67.148.91 (HKNET.COM):
HKNET COMPANY LIMITED,
TSEUNG KWAN O, HONG KONG (SAR), HK.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
21:42:00 Win2K-f 210.111.208.101 (-):
YJ-PNDSERVICE,
KR. (100Mbps)
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:21:44:00 Win2K-f 186.9.32.221 (-):
.
n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:21:44:00 Win2K-f 200.94.111.98 (ALESTRA.NET.MX):
ALESTRA,
GUADALAJARA, JALISCO, MX.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
21:47:00 Win2K-f 200.87.117.82 (ORION.PNUD.BO):
ENTEL S.A. - ENTELNET,
LA PAZ, LA PAZ, BO.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
21:49:00 Win2K-f 202.67.148.91 (HKNET.COM):
HKNET COMPANY LIMITED,
TSEUNG KWAN O, HONG KONG (SAR), HK.
n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:21:52:00 Win2K-f 200.127.101.3 (NET.AR):
PRIMA S.A,
BUENOS AIRES, BUENOS AIRES, AR. (DSL)
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:21:58:00 Win2K-f 85.84.206.231 (CLIENTES.EUSKALTEL.ES):
GLOBAL TELECOMMUNICATION SERVICE PROVIDER,
BILBAO, PAIS VASCO, ES.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
22:00:00 Win2K-f 85.84.206.231 (CLIENTES.EUSKALTEL.ES):
GLOBAL TELECOMMUNICATION SERVICE PROVIDER,
BILBAO, PAIS VASCO, ES.
n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:22:03:00 Win2K-f 201.54.229.22 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
22:05:00 Win2K-f 190.18.203.189 (-):
.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:67.15.94.80:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
22:08:00 Win2K-f 201.54.229.22 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
22:16:00 Win2K-f 221.126.4.164 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:22:17:00 Win2K-f 221.126.4.164 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:22:18:00 Win2K-f 63.121.244.9 (BUCKEYETRUCKCENTER.COM):
PLEXIS LTD,
US. (100Mbps)
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:22:19:00 Win2K-f 122.118.176.45 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
22:23:00 Win2K-f 122.118.66.86 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
22:29:00 Win2K-f 201.87.112.53 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
22:35:00 Win2K-f 200.40.195.116 (ADINET.COM.UY):
SERVICIO INTERNET CLASS,
ROCHA, ROCHA, UY.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:22:36:00 Win2K-f 201.87.112.53 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
22:37:00 Win2K-f 59.124.155.94 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:22:40:00 Win2K-f 116.48.131.83 (NETVIGATOR.COM):
PCCW LIMITED,
HONG KONG, HONG KONG (SAR), HK.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:22:41:00 Win2K-f 216.21.34.98 (-):
SMART TELECOM CONCEPTS,
LISLE, ILLINOIS, US. (100Mbps)
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
22:42:00 Win2K-f 116.48.131.83 (NETVIGATOR.COM):
PCCW LIMITED,
HONG KONG, HONG KONG (SAR), HK.
n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
22:47:00 Win2K-f 58.68.100.77 (-):
DWL-SIKKANET-LUCKNOW,
LUCKNOW, UTTAR PRADESH, IN.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:22:54:00 Win2K-f 58.68.100.77 (-):
DWL-SIKKANET-LUCKNOW,
LUCKNOW, UTTAR PRADESH, IN.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:22:55:00 WinXP 84.74.12.164 (HISPEED.CH):
CABLECOMMAIN-NET,
ZURICH, ZURICH, CH. (DSL)
194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
35 of 36 42c101571e
[Firefox: 4 hits: 10-30 to 11-09]
none[none] none:none
none|none none none
T:22:56:00 Win2K-f 216.38.206.101 (VIAWEST.NET):
VIAWEST INTERNET SERVICES INC,
AURORA, COLORADO, US.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:22:59:00 Win2K-f 124.8.80.86 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
23:01:00 Win2K-f 186.9.46.83 (-):
.
n/a   445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
23:02:00 Win2K-f 216.38.206.101 (VIAWEST.NET):
VIAWEST INTERNET SERVICES INC,
AURORA, COLORADO, US.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:23:09:00 Win2K-f 86.35.109.78 (PLATINUMGROUP.RO):
ARTELECOM,
RO.
n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:23:14:00 Win2K-f 59.114.0.20 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
23:18:00 Win2K-f 211.72.106.190 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
23:18:00 Win2K-f 213.32.235.50 (ADM.ESH.DK):
EDUCATIONAL INSTITUTION CONNECTED TO SEKTORNET,
DK. (100Mbps)
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
23:18:00 Win2K-f 146.83.126.124 (RNEVADOS.UCN.CL):
RED UNIVERSITARIA NACIONAL,
SANTIAGO, REGION METROPOLITANA, CL.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:23:19:00 Win2K-f 124.123.43.78 (-):
.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
139 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:23:29:00 Win2K-f 203.113.147.104 (ADSL.VIETTEL.VN):
VIETEL CORPORATION,
HO CHI MINH CITY, HO CHI MINH, VN.
n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:23:29:00 Win2K-f 124.8.74.143 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
23:32:00 Win2K-f 38.96.1.30 (COGENTCO.COM):
PERFORMANCE SYSTEMS INTERNATIONAL INC,
WASHINGTON, DISTRICT OF COLUMBIA, US.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
23:35:00 Win2K-f 70.60.208.71 (RR.COM):
ROAD RUNNER HOLDCO LLC,
HERNDON, VIRGINIA, US.
n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:23:36:00 Win2K-f 81.9.174.239 (CM-81-9-168-10.TELECABLE.ES):
TELECABLE,
OVIEDO, ASTURIAS, ES. (DSL)
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:23:42:00 Win2K-f 59.124.95.16 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
23:44:00 Win2K-f 124.123.43.78 (-):
.
n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
23:47:00 Win2K-f 85.89.165.41 (NET.PL):
TOYA:NET (PL),
LODZ, LODZKIE, PL.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
23:50:00 Win2K-f 59.124.95.16 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:23:51:00 Win2K-f 85.89.165.41 (NET.PL):
TOYA:NET (PL),
LODZ, LODZKIE, PL.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
T:23:57:00 Win2K-f 212.70.152.74 (-):
MADHOUSE,
UK.
n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none
23:58:00 Win2K-f 203.125.19.34 (SINGNET.COM.SG):
HITACHI POWDERED METALS (S) PTE LTD,
SINGAPORE, SINGAPORE, SG. (100Mbps)
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
72.249.118.38:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
NEW
none[none] none:none
none|none none none