|
Time |
Victim OS |
Infection Source |
C&C Server |
DNS Lookups & Failed Connects |
Infection Port |
Packet Trace |
Detection Signatures |
Infection Chatter |
BotHunter Analysis |
Behavioral Cluster |
Forensic Logs |
Antivirus Labels |
Packed Malware_Binary |
Unpacked egg.exe |
Unpacked egg.asm |
Packer PEID |
Data Strings |
Syscall Trace |
| T:00:08:00 | WinXP | 91.66.61.92 (SUPERKABEL.DE): KABEL DEUTSCHLAND BREITBAND SERVICE GMBH, DE. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 30 lines |
Yeah : 1.3 profile |
none | summary tarball |
36 of 41 | 8c91a7ccb1 NEW |
d91e25afc8 [0] | none:none |
none|none | none | trace |
| T:00:12:00 | Win2K-f | 92.21.254.183 (-): CARPHONE WAREHOUSE BROADBAND SERVICES, UK. |
66.252.13.214:2081 | US:s.unicat.org | 139 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
38 of 41 | d9dc63323a NEW |
none[none] | none:none |
none|none | none | none |
| T:00:19:00 | WinXP | 95.89.237.6 (-): . |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 32 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | 9bbc87bf9f NEW |
none[none] | none:none |
none|none | none | none |
| T:00:32:00 | WinXP | 114.48.1.240 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 15 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 40 | 5285741560 NEW |
60590b8b67 [0] | ASM:Graph |
none|none | lines=59 | trace | |
| T:00:52:00 | Win2K-f | 77.37.158.154 (NCNET.RU): NCN-INFRA, RU. |
n/a | 139 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
39 of 41 | b06ff148c1 NEW |
none[none] | none:none |
none|none | none | none | |
| T:00:55:00 | Win2K-f | 112.203.17.21 (-): . |
n/a | 139 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:00:59:00 | WinXP | 82.114.248.19 (-): NEW GAMMA TELECOM LTD, NICOSIA, NICOSIA, CY. |
66.252.13.214:9890 | US:f.unicat.org US:sasgrowth.com GB:www.relevet.com IR:radio.irib.ir US:216.32.75.74:80 US:66.252.13.214:9890 |
445 | pcap | raw alerts ruleset |
ftp http irc 46 lines |
Yeah : 1.3 profile |
none | summary tarball |
36 of 40 | 8d60c652a3 NEW |
89a3cd3a28 [0] | none:none |
ASProtect| | none | trace |
| T:01:15:00 | Win2K-f | 92.53.33.110 (IKBCC.COM): EU-ZZ, UK. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
38 of 41 | 8000c39c15 NEW |
none[none] | none:none |
none|none | none | none |
| T:01:28:00 | Win2K-f | 95.24.217.214 (-): . |
66.252.13.214:9890 | US:f.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 31 | e8d4d8cde1 NEW |
none[0] | none:none |
ASProtect| | lines=585 embedded dns |
trace |
| T:01:35:00 | Win2K-f | 85.177.248.49 (ALICEDSL.DE): HANSENET-ADSL, BERLIN, BERLIN, DE. (DSL) |
n/a | 139 | pcap | raw alerts ruleset |
other 0 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:01:37:00 | Win2K-f | 89.245.253.58 (VERSANETONLINE.DE): VERSATEL NORD-DEUTSCHLAND GMBH, DE. |
66.252.13.214:9890 | US:f.unicat.org US:66.252.13.214:9890 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 31 | e8d4d8cde1 NEW |
none[0] | none:none |
ASProtect| | lines=585 embedded dns |
trace |
| T:01:38:00 | WinXP | 88.134.91.190 (SUPERKABEL.DE): KABEL-DEUTSCHLAND-CUSTOMER-SERVICES, DE. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 40 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 32 | f8aa758a9f NEW |
af0611c37f [0] | ASM:Graph |
ASProtect| | lines=415 embedded dns |
trace | |
| T:02:02:00 | Win2K-f | 70.183.160.69 (COX.NET): COX COMMUNICATIONS, NORTH KINGSTOWN, RHODE ISLAND, US. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 5 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:02:08:00 | Win2K-f | 65.34.55.17 (RR.COM): ROAD RUNNER HOLDCO LLC, BRADENTON, FLORIDA, US. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 110 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 40 38 of 41 |
2af52db3b1 NEW b7f678bb46 NEW |
19058c064c [0] 241640c9af[0] |
none:none none:none |
tElock| Armadillo| |
none none |
trace trace |
| T:02:12:00 | WinXP | 61.228.201.231 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TAIPEI, T'AI-PEI, TW. |
66.252.13.214:2081 | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp irc 32 lines |
Yeah : 1.3 profile |
none | summary tarball |
38 of 41 | b3ad407374 NEW |
none[none] | none:none |
none|none | none | none |
| T:02:30:00 | Win2K-f | 62.47.212.7 (TELEKOM.AT): HIGHWAY CUSTOMERS, INNSBRUCK, TIROL, AT. (DSL) |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
38 of 41 | b9f4d1f88f NEW |
none[none] | none:none |
none|none | none | none |
| T:02:52:00 | WinXP | 78.235.140.78 (PRESTONAUTO.COM): PROXAD INTERNET SERVICE PROVIDER IN FRANCE, PARIS, ILE-DE-FRANCE, FR. |
66.252.13.214:2081 | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | 62213c10e3 NEW |
none[none] | none:none |
none|none | none | none |
| T:02:58:00 | Win2K-f | 95.88.24.53 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
ftp 38 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 31 | e8d4d8cde1 NEW |
none[0] | none:none |
ASProtect| | lines=585 embedded dns |
trace | |
| T:03:06:00 | WinXP | 114.48.177.38 (-): . |
66.252.13.214:9890 | US:f.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 32 lines |
Yeah : 1.8 profile |
none | summary tarball |
13 of 31 | e8d4d8cde1 NEW |
none[0] | none:none |
ASProtect| | lines=585 embedded dns |
trace |
| T:03:07:00 | WinXP | 78.236.132.40 (PRESTONAUTO.COM): PROXAD INTERNET SERVICE PROVIDER IN FRANCE, PARIS, ILE-DE-FRANCE, FR. |
66.252.13.214:9890 | US:f.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 31 | e8d4d8cde1 NEW |
none[0] | none:none |
ASProtect| | lines=585 embedded dns |
trace |
| T:03:19:00 | Win2K-f | 95.24.189.83 (-): . |
66.252.13.214:9890 | US:f.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 34 lines |
Yeah : 1.8 profile |
none | summary tarball |
13 of 31 | e8d4d8cde1 NEW |
none[0] | none:none |
ASProtect| | lines=585 embedded dns |
trace |
| T:03:26:00 | Win2K-f | 217.164.122.157 (NET.AE): IWAN-ETISALAT-EMIRNET, DUBAI, DUBAI, AE. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 03:29:00 | Win2K-f | 125.113.203.118 (163DATA.COM.CN): CHINANET-ZJ JINHUA NODE NETWORK, CN. |
n/a | US:www.maxmind.com US:www.getmyip.org :checkip.dyndns.org US:getmyip.co.uk 208.78.70.70:80 US:65.254.39.170:80 US:67.15.94.80:80 US:75.126.138.202:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
3 of 37 | d9cb288f31 NEW |
45603a001c [0] | ASM:Graph |
UPX| | lines=174 embedded dns |
trace |
| T:03:39:00 | WinXP | 114.27.187.206 (-): . |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| T:03:40:00 | Win2K-f | 84.61.100.90 (ARCOR-IP.NET): ARCOR-DSL-NET, DE. (DSL) |
66.252.13.214:2081 | US:s.unicat.org | 139 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | cb46e772d0 NEW |
42aee4c04d [0] | none:none |
none|none | none | trace |
| T:03:50:00 | WinXP | 84.61.223.239 (ARCOR-IP.NET): ARCOR-DSL-NET, DE. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 23 lines |
Yeah : 1.3 profile |
none | summary tarball |
36 of 41 | bbb54d0172 NEW |
none[none] | none:none |
none|none | none | none |
| T:04:07:00 | Win2K-f | 80.121.72.64 (TELEKOM.AT): HIGHWAY CUSTOMERS, SALZBURG, SALZBURG, AT. (DSL) |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:04:20:00 | Win2K-f | 91.66.4.252 (SUPERKABEL.DE): KABEL DEUTSCHLAND BREITBAND SERVICE GMBH, DE. |
66.252.13.214:9890 | US:f.unicat.org US:66.252.13.214:9890 |
445 | pcap | raw alerts ruleset |
ftp irc 16 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 31 | e8d4d8cde1 NEW |
none[0] | none:none |
ASProtect| | lines=585 embedded dns |
trace |
| T:04:25:00 | WinXP | 112.202.214.29 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:04:37:00 | Win2K-f | 220.141.34.1 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| T:04:41:00 | WinXP | 78.231.121.51 (PRESTONAUTO.COM): PROXAD INTERNET SERVICE PROVIDER IN FRANCE, PARIS, ILE-DE-FRANCE, FR. |
66.252.13.214:2081 | US:s.unicat.org | 139 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
38 of 41 | dadd69559d NEW |
none[none] | none:none |
none|none | none | none |
| T:04:41:00 | Win2K-f | 174.1.98.71 (-): . |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 247 lines |
Yeah : 1.3 profile |
none | summary tarball |
38 of 41 39 of 41 |
6abd2f0404 NEW 7bc0367ae2 NEW |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| T:05:03:00 | Win2K-f | 94.52.89.42 (-): . |
66.252.13.214:2081 | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| T:05:05:00 | WinXP | 114.48.9.20 (-): . |
n/a | 139 | pcap | raw alerts ruleset |
other 0 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:05:06:00 | WinXP | 112.202.25.111 (-): . |
n/a | 139 | pcap | raw alerts ruleset |
ftp 15 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:05:24:00 | Win2K-f | 77.23.40.45 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 39 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 31 | e8d4d8cde1 NEW |
none[0] | none:none |
ASProtect| | lines=585 embedded dns |
trace | |
| 05:32:00 | Win2K-f | 87.18.252.119 (RETAIL.TELECOMITALIA.IT): TELECOM ITALIA S.P.A. TIN EASY LITE, IT. |
n/a | US:trafficconverter.biz NL:www.ask.com :lfulzoz.net US:pqrskfih.org US:wyfbt.info :fizkne.com :pnaafcueh.biz :ibafpwqz.com US:xerjtndnles.org US:gvkqclgl.org :agctq.com :yjttncui.biz :qupswpk.com US:nbatefyi.org :qofzn.com :pcsoqu.biz :jpmahs.com :uydmcg.net :kfjxirhx.com US:fyeessygcm.org :aqbppt.biz :fvosobcuyx.com :iggzbqif.net :kaiqgblq.com :yjqptwoi.biz :detdsqmx.biz US:oxyckte.org :cmjkvovupd.biz :uitmffpqzs.net :dtyquf.com :srcqfcym.biz :yqghcwwqsv.net :luysqbq.biz NL:voinwuqdz.info :jhyggrxkxa.net :gxqzypmw.com :ipbciqemia.net US:kjmqbiqkc.org :ssouar.biz US:hybsw.org US:dsboffuswau.info :jntowmev.net US:204.152.184.139:80 US:74.208.64.145:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:05:35:00 | WinXP | 87.116.235.212 (TNP.PL): NETWORK OF INTERNET SERVICE PROVIDER, PL. |
213.219.245.212:80 | RU:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.8 profile |
none | summary tarball |
32 of 32 | 5818023061 NEW |
none[0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| T:05:37:00 | WinXP | 87.123.24.20 (VERSANET.DE): VERSATEL DEUTSCHLAND DYNAMIC POOL, BERLIN, BERLIN, DE. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 24 lines |
Yeah : 1.3 profile |
none | summary tarball |
38 of 40 | fb9a13cb52 NEW |
none[none] | none:none |
none|none | none | none |
| T:05:42:00 | Win2K-f | 92.74.204.181 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
66.252.13.214:2081 | US:s.unicat.org US:66.252.13.214:2081 |
139 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | ea07a31ca7 NEW |
none[none] | none:none |
none|none | none | none |
| T:05:49:00 | Win2K-f | 78.62.17.213 (ZEBRA.LT): LIETUVOS, LT. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
40 of 41 | 770a7c2072 NEW |
none[none] | none:none |
none|none | none | none |
| T:05:53:00 | WinXP | 95.90.59.84 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:06:08:00 | Win2K-f | 92.53.8.48 (IKBCC.COM): EU-ZZ, UK. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
38 of 41 | 8000c39c15 NEW |
none[none] | none:none |
none|none | none | none |
| T:06:20:00 | WinXP | 85.176.189.170 (ALICEDSL.DE): HANSENET-ADSL, LUBECK, SCHLESWIG-HOLSTEIN, DE. (DSL) |
66.252.13.214:2081 | US:s.unicat.org US:66.252.13.214:2081 |
139 | pcap | raw alerts ruleset |
ftp irc 35 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | 08c2d6188e NEW |
none[none] | none:none |
none|none | none | none |
| T:06:22:00 | Win2K-f | 188.193.150.99 (DAVITA.COM): VARIOUS REGISTRIES, UK. |
66.252.13.214:9890 | US:f.unicat.org US:66.252.13.214:9890 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 31 | e8d4d8cde1 NEW |
none[0] | none:none |
ASProtect| | lines=585 embedded dns |
trace |
| T:06:27:00 | WinXP | 92.81.12.25 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | 139 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:06:33:00 | Win2K-f | 80.140.110.69 (T-DIALIN.NET): DEUTSCHE TELEKOM AG, BAMBERG, BAYERN, DE. (DIAL) |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| T:06:34:00 | Win2K-f | 212.36.230.32 (-): BYNET, DE. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 33 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| T:06:39:00 | WinXP | 59.114.120.109 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
66.252.13.214:2081 | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp irc 28 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 39 | f4b8e2c149 NEW |
42a8943248 [0] | none:none |
none|none | none | trace |
| T:06:44:00 | WinXP | 78.8.200.207 (NET.PL): DIALOG, WROCLAW, DOLNOSLASKIE, PL. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 29 lines |
Yeah : 1.3 profile |
none | summary tarball |
36 of 41 | 6fb044ef43 NEW |
15fab32ab4 [0] | none:none |
none|none | none | trace |
| T:06:45:00 | Win2K-f | 74.68.30.34 (RR.COM): ROAD RUNNER HOLDCO LLC, STATEN ISLAND, NEW YORK, US. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 5 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:07:14:00 | WinXP | 77.23.248.83 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 38 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 31 | e8d4d8cde1 NEW |
none[0] | none:none |
ASProtect| | lines=585 embedded dns |
trace | |
| T:07:19:00 | WinXP | 88.134.138.156 (SUPERKABEL.DE): KABEL-DEUTSCHLAND-CUSTOMER-SERVICES, DE. (DSL) |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 23 lines |
Yeah : 1.3 profile |
none | summary tarball |
38 of 41 | f0f7282a7d NEW |
none[none] | none:none |
none|none | none | none |
| T:07:20:00 | Win2K-f | 220.136.191.229 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TAIPEI, T'AI-PEI, TW. |
66.252.13.214:9890 | US:f.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 31 | e8d4d8cde1 NEW |
none[0] | none:none |
ASProtect| | lines=585 embedded dns |
trace |
| T:07:31:00 | Win2K-f | 92.229.63.162 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
66.252.13.214:9890 | US:f.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 31 | e8d4d8cde1 NEW |
none[0] | none:none |
ASProtect| | lines=585 embedded dns |
trace |
| T:07:37:00 | WinXP | 121.2.21.45 (SO-NET.NE.JP): SO-NET SERVICE, JP. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 27 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | c98b7aa82a NEW |
none[none] | none:none |
none|none | none | none |
| T:07:43:00 | Win2K-f | 125.230.18.111 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
66.252.13.214:2081 | US:s.unicat.org US:66.252.13.214:2081 |
139 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| T:07:43:00 | Win2K-f | 85.218.104.211 (CITYCABLE.CH): SIMA-LAUSANNE, CH. |
n/a | 139 | pcap | raw alerts ruleset |
ftp 12 lines |
Yeah : 0.8 profile |
none | summary tarball |
13 of 40 | 88ae32e138 NEW |
none[none] | none:none |
none|none | none | none | |
| T:07:55:00 | WinXP | 85.138.200.250 (CPE.NETCABO.PT): TVCABO-PORTUGAL CABLE MODEM NETWORK, BRAGA, BRAGA, PT. |
n/a | RU:citi-bank.ru RU:213.219.245.212:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
33 of 35 | e9fcd6f257 NEW |
2e05bc2272 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| T:07:55:00 | WinXP | 114.37.43.150 (-): . |
66.252.13.214:2081 | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp irc 28 lines |
Yeah : 1.3 profile |
none | summary tarball |
36 of 40 | c1c62d3110 NEW |
6d1c94bb63 [0] | none:none |
none|none | none | trace |
| T:07:57:00 | Win2K-f | 212.106.24.46 (POLBOX.PL): POLBOX, PL. |
n/a | 139 | pcap | raw alerts ruleset |
ftp 12 lines |
Yeah : 0.8 profile |
none | summary tarball |
13 of 40 | 88ae32e138 NEW |
none[none] | none:none |
none|none | none | none | |
| T:08:10:00 | WinXP | 212.106.28.253 (POLBOX.PL): POLBOX, PL. |
87.118.98.185:7000 | DE:sobiesk1.myftp.org | 139 | pcap | raw alerts ruleset |
ftp irc 28 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 40 | 88ae32e138 NEW |
none[none] | none:none |
none|none | none | none |
| T:08:25:00 | WinXP | 93.221.28.170 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
66.252.13.214:9890 | US:f.unicat.org US:66.252.13.214:9890 |
445 | pcap | raw alerts ruleset |
ftp irc 35 lines |
Yeah : 1.8 profile |
none | summary tarball |
13 of 31 | e8d4d8cde1 NEW |
none[0] | none:none |
ASProtect| | lines=585 embedded dns |
trace |
| T:08:26:00 | Win2K-f | 189.4.166.25 (VIRTUA.COM.BR): COMITE GESTOR DA INTERNET NO BRASIL, BR. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 08:36:00 | Win2K-f | 92.115.190.109 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | :www.google.com :uhnquvxxqhm.net :ofbkrmet.net :fznmhyf.com :rnwtlvmavl.com :tnvvhpef.net :zeneyjz.com US:yfstmoeq.info :iajnn.com :mpnihufi.org :alhrinux.com US:204.152.184.139:80 US:74.208.64.145:80 |
445 | pcap | raw alerts ruleset |
http 7 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:08:39:00 | Win2K-f | 94.21.10.93 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
other 0 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:08:42:00 | WinXP | 85.139.197.198 (CPE.NETCABO.PT): TVCABO-PORTUGAL CABLE MODEM NETWORK, LISBON, LISBOA, PT. |
66.252.13.214:2081 | US:s.unicat.org | 139 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| T:08:45:00 | WinXP | 91.67.35.130 (SUPERKABEL.DE): KABEL DEUTSCHLAND BREITBAND SERVICE GMBH, DE. |
66.252.13.214:9890 | US:f.unicat.org US:66.252.13.214:9890 |
445 | pcap | raw alerts ruleset |
ftp irc 29 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 31 | e8d4d8cde1 NEW |
none[0] | none:none |
ASProtect| | lines=585 embedded dns |
trace |
| T:08:53:00 | WinXP | 95.88.22.156 (-): . |
66.252.13.214:9890 66.252.13.214:2081 | US:f.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 24 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 31 | e8d4d8cde1 NEW |
none[0] | none:none |
ASProtect| | lines=585 embedded dns |
trace |
| T:09:03:00 | WinXP | 114.36.29.145 (-): . |
66.252.13.214:2081 | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | c65e1d290b NEW |
none[none] | none:none |
none|none | none | none |
| T:09:12:00 | Win2K-f | 88.134.171.246 (SUPERKABEL.DE): KABEL-DEUTSCHLAND-CUSTOMER-SERVICES, DE. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 32 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | b62da8c0e6 NEW |
none[none] | none:none |
none|none | none | none |
| T:09:21:00 | Win2K-f | 83.135.13.235 (VERSANET.DE): VERSATEL DEUTSCHLAND DYNAMIC POOL, MARL, NORDRHEIN-WESTFALEN, DE. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:09:24:00 | WinXP | 91.66.24.107 (SUPERKABEL.DE): KABEL DEUTSCHLAND BREITBAND SERVICE GMBH, DE. |
66.252.13.214:2081 | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp irc 29 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| T:09:42:00 | WinXP | 93.209.172.213 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
87.118.98.185:7000 | DE:sobiesk1.myftp.org | 139 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 40 | 88ae32e138 NEW |
none[none] | none:none |
none|none | none | none |
| T:09:44:00 | Win2K-f | 91.67.178.238 (SUPERKABEL.DE): KABEL DEUTSCHLAND BREITBAND SERVICE GMBH, DE. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | d9b0761214 NEW |
none[none] | none:none |
none|none | none | none |
| T:09:54:00 | WinXP | 78.62.25.97 (ZEBRA.LT): LIETUVOS, VILNIUS, VILNIAUS APSKRITIS, LT. |
66.252.13.214:2081 | US:s.unicat.org | 139 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
40 of 41 | 770a7c2072 NEW |
none[none] | none:none |
none|none | none | none |
| T:10:03:00 | WinXP | 77.37.200.121 (NCNET.RU): NCN-INFRA, RU. |
n/a | 445 | pcap | raw alerts ruleset |
other 0 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:10:36:00 | Win2K-f | 77.29.137.30 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | 139 | pcap | raw alerts ruleset |
ftp 12 lines |
Yeah : 0.8 profile |
none | summary tarball |
13 of 40 | 88ae32e138 NEW |
none[none] | none:none |
none|none | none | none | |
| T:10:41:00 | WinXP | 67.150.173.241 (MDSG-PACWEST.COM): PAC-WEST MANAGED MODEM NAS POOL, LOS ANGELES, CALIFORNIA, US. |
n/a | :moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
25 of 25 | 7f60162c2c NEW |
none[0] | none:none |
PolyEnE| | lines=93 embedded dns |
trace |
| T:10:45:00 | WinXP | 123.195.41.150 (ETHOME.COM.TW): TUNG HO MULTIMEDIA CO. LTD, TAIPEI, T'AI-PEI, TW. |
213.219.245.212:80 | RU:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
40 of 41 | ea731fd0c1 NEW |
none[none] | none:none |
none|none | none | none |
| T:11:10:00 | Win2K-f | 88.173.200.197 (PROXAD.NET): PROXAD / FREE SAS, FR. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:11:14:00 | WinXP | 77.29.140.134 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
87.118.98.185:7000 | DE:sobiesk1.myftp.org | 139 | pcap | raw alerts ruleset |
ftp irc 20 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 40 | 88ae32e138 NEW |
none[none] | none:none |
none|none | none | none |
| T:11:25:00 | WinXP | 88.156.22.208 (VECTRANET.PL): VECTRA S.A, OLSZTYN, WARMINSKO-MAZURSKIE, PL. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
31 of 41 | 3a7f0778b8 NEW |
none[none] | none:none |
none|none | none | none | |
| T:11:33:00 | Win2K-f | 188.192.161.131 (DAVITA.COM): VARIOUS REGISTRIES, UK. |
66.252.13.214:2081 | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp irc 24 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 2c07922735 NEW |
none[none] | none:none |
none|none | none | none |
| 11:41:00 | Win2K-f | 217.132.3.41 (NETVISION.NET.IL): BB-HFA, TEL AVIV, TEL AVIV, IL. |
n/a | US:www.msn.com :ssygywo.biz :nbatefyi.org NL:riapawvxka.org :uydmcg.net US:nubstkwxcg.org :kbxcsagcbs.biz :wkehtmai.net :numok.biz US:wznpi.org :kfjxirhx.com US:nfmgsbp.info :wyfbt.info US:jhtoeosh.org :jngxpzwty.org :xjazputkpkc.com :lsihczbc.net :jpmahs.com US:mqfsr.info :yocnion.com :faaxye.info NL:xlulyuff.org :njesx.com :cjzatbck.com :nqyds.com :zeneyjz.com :yfstmoeq.info :znawdnxzp.net US:oxooecc.info :msosknuy.biz :ckvqvczeb.info US:204.152.184.139:80 US:74.208.64.145:80 |
445 | pcap | raw alerts ruleset |
http 16 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:11:43:00 | Win2K-f | 81.84.145.201 (CPE.NETCABO.PT): TVCABO-PORTUGAL CABLE MODEM NETWORK, LISBON, LISBOA, PT. |
n/a | 445 | pcap | raw alerts ruleset |
other 0 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:11:44:00 | WinXP | 114.39.78.190 (-): . |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| T:11:54:00 | Win2K-f | 87.119.236.61 (SARANSK.RU): BRANCH IN MORDOVIAN REPUBLIC OJSC VOLGATELECOM, RU. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 18 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:12:01:00 | WinXP | 211.20.222.150 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
211.233.45.253:3305 | :cx10man.weedns.com :fx010413.whyI.org KR:gynoman.weedns.com FI:g.0x20.biz KR:telephone.dd.blueline.be JP:61.120.62.28:3305 |
135 | pcap | raw alerts ruleset |
irc 697 lines |
Yeah : 1.8 profile |
none | summary tarball |
28 of 41 | b8076e37ae NEW |
52953fed05 [0] | none:none |
StarForce| | none | trace |
| T:12:07:00 | Win2K-f | 62.162.178.132 (-): ADSL IP SUBNET, SKOPJE, ARACINOVO, MK. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 27 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | ef3e0d9b44 NEW |
none[none] | none:none |
none|none | none | none |
| T:12:14:00 | WinXP | 211.20.54.54 (WINSTOCK.COM.TW): CHTD CHUNGHWA TELECOM CO. LTD, TAIPEI, T'AI-PEI, TW. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 110 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 38 of 41 |
3f136c55b3 NEW ac394d7d5f NEW |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| T:12:27:00 | Win2K-f | 93.114.134.30 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 32 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | 0663ec4bc6 NEW |
none[none] | none:none |
none|none | none | none |
| T:12:28:00 | WinXP | 81.57.58.69 (PROXAD.NET): PROXAD / FREE TELECOM, PARIS, ILE-DE-FRANCE, FR. |
213.219.245.212:80 | RU:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | 7f38ca84af NEW |
89991cf07f [0] | none:none |
PolyEnE| | none | trace |
| 12:32:00 | Win2K-f | 89.32.39.94 (AIRBITES.RO): SC ISP TOPALL SRL, RO. |
n/a | :checkip.dyndns.org US:getmyip.co.uk US:www.getmyip.org 208.78.70.70:80 US:67.15.94.80:80 US:75.126.138.202:80 |
445 | pcap | raw alerts ruleset |
http 2 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:12:56:00 | WinXP | 78.234.89.194 (PRESTONAUTO.COM): PROXAD INTERNET SERVICE PROVIDER IN FRANCE, PARIS, ILE-DE-FRANCE, FR. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | e87d1802f2 NEW |
none[none] | none:none |
none|none | none | none |
| T:12:59:00 | Win2K-f | 114.37.156.181 (-): . |
66.252.13.214:2081 | US:s.unicat.org | 139 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | feee705299 NEW |
none[none] | none:none |
none|none | none | none |
| T:13:19:00 | WinXP | 189.126.21.131 (-): . |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | 3c0e10f512 NEW |
none[none] | none:none |
none|none | none | none |
| T:13:24:00 | WinXP | 190.225.7.126 (-): . |
n/a | RU:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
39 of 41 | f2a8dafb30 NEW |
none[none] | none:none |
none|none | none | none |
| T:13:25:00 | WinXP | 125.230.90.161 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 33 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| T:13:27:00 | WinXP | 69.72.36.23 (CORETEL.NET): CORETEL AMERICA INC, EASTON, MARYLAND, US. (DIAL) |
213.219.245.212:80 | RU:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | f502585714 NEW |
none[0] | none:none |
PolyEnE| | lines=63 | trace |
| T:13:29:00 | Win2K-f | 78.54.147.217 (ALICEDSL.DE): HANSENET TELEKOMMUNIKATION GMBH, HAMBURG, HAMBURG, DE. (DSL) |
n/a | 445 | pcap | raw alerts ruleset |
other 0 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:13:36:00 | Win2K-f | 130.13.144.127 (QWEST.NET): QWEST BROADBAND SERVICES INC, PHOENIX, ARIZONA, US. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
shell ftp 16 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:13:37:00 | WinXP | 89.195.155.168 (-): ORANGE, UK. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:13:51:00 | WinXP | 92.80.249.169 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 25 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | 4d459e9961 NEW |
none[none] | none:none |
none|none | none | none |
| T:13:58:00 | Win2K-f | 118.87.20.81 (-): . |
83.68.16.6:5190 67.43.236.67:10324 | :xx.enterhere.biz NL:xx.sqlteam.info CA:xx.nadnadzz.info :idfc.info 67.215.1.206:80 |
135 | pcap | raw alerts ruleset |
irc 351 lines |
Yeah : 1.8 profile |
none | summary tarball |
38 of 41 | 820b27d4c6 NEW |
1102de0215 [0] | none:none |
Armadillo| | none | trace |
| T:14:23:00 | WinXP | 96.49.5.211 (-): . |
n/a | 135 | pcap | raw alerts ruleset |
other 1008 lines |
Yeah : 1.3 profile |
none | summary tarball |
15 of 41 | 770a04a72c NEW |
none[3] | none:none |
none|none | none | trace | |
| T:14:42:00 | Win2K-f | 4.163.115.216 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, US. (DIAL) |
n/a | 135 | pcap | raw alerts ruleset |
other 6 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:14:47:00 | WinXP | 81.90.157.125 (-): AFRANET, IR. |
n/a | 139 | pcap | raw alerts ruleset |
ftp 12 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:14:47:00 | Win2K-f | 85.218.104.211 (CITYCABLE.CH): SIMA-LAUSANNE, CH. |
87.118.98.185:7000 | DE:sobiesk1.myftp.org | 139 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
12 of 40 | 5ffe1c424b NEW |
none[none] | none:none |
none|none | none | none |
| T:15:01:00 | WinXP | 77.22.131.17 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 26 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| T:15:02:00 | WinXP | 72.181.35.142 (RR.COM): ROAD RUNNER HOLDCO LLC, HOUSTON, TEXAS, US. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 NEW a08f3b74a4 NEW |
1473091351 [0] none [0] |
ASM:Graph none:none |
tElock| Armadillo| |
lines=75 embedded dns lines=90 |
trace trace |
| T:15:10:00 | Win2K-f | 78.234.45.218 (PRESTONAUTO.COM): PROXAD INTERNET SERVICE PROVIDER IN FRANCE, PARIS, ILE-DE-FRANCE, FR. |
66.252.13.214:2081 | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp irc 31 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | e87d1802f2 NEW |
none[none] | none:none |
none|none | none | none |
| T:15:23:00 | WinXP | 95.91.54.10 (-): . |
66.252.13.214:2081 | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
38 of 41 | 1fb2717f24 NEW |
none[none] | none:none |
none|none | none | none |
| T:15:30:00 | Win2K-f | 85.182.43.238 (ALICEDSL.DE): HANSENET-ADSL, HAMBURG, HAMBURG, DE. (DSL) |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | adb407e3f3 NEW |
none[none] | none:none |
none|none | none | none |
| T:15:33:00 | WinXP | 91.65.127.62 (SUPERKABEL.DE): KABEL-DEUTSCHLAND-CUSTOMER-SERVICES, DE. |
66.252.13.214:9890 | US:f.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 39 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 31 | e8d4d8cde1 NEW |
none[0] | none:none |
ASProtect| | lines=585 embedded dns |
trace |
| T:15:45:00 | WinXP | 122.124.99.9 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 23 lines |
Yeah : 1.3 profile |
none | summary tarball |
38 of 41 | d73b3dfd4c NEW |
none[none] | none:none |
none|none | none | none |
| T:15:53:00 | WinXP | 91.66.47.17 (SUPERKABEL.DE): KABEL DEUTSCHLAND BREITBAND SERVICE GMBH, DE. |
66.252.13.214:2081 | US:s.unicat.org **:0.0.0.1:69 **:0.0.0.2:69 **:0.0.0.3:69 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 40 | 7e979b7973 NEW |
none[none] | none:none |
none|none | none | none |
| T:16:04:00 | Win2K-f | 84.236.58.63 (T-ONLINE.HU): PROVIDER LOCAL REGISTRY, HU. |
66.252.13.214:2081 | US:s.unicat.org US:66.252.13.214:2081 |
139 | pcap | raw alerts ruleset |
ftp 15 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 081df36421 NEW |
none[none] | none:none |
none|none | none | none |
| T:16:05:00 | WinXP | 24.109.64.86 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, CALGARY, ALBERTA, CA. (DSL) |
n/a | 445 | pcap | raw alerts ruleset |
other 0 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:16:05:00 | Win2K-f | 72.51.221.111 (NEWWAVECOMM.NET): NEW WAVE COMMUNICATIONS, CORBIN, KENTUCKY, US. |
n/a | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
39 of 41 | e3654e49f7 NEW |
none[none] | none:none |
none|none | none | none |
| T:16:16:00 | WinXP | 91.67.229.148 (SUPERKABEL.DE): KABEL DEUTSCHLAND BREITBAND SERVICE GMBH, DE. |
66.252.13.214:2081 | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp irc 63 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | 037b03e1fa NEW |
none[none] | none:none |
none|none | none | none |
| 16:25:00 | Win2K-f | 203.223.173.245 (WOL.NET.PK): CYBERSOFT TECHNOLOGIES PLC, PK. |
n/a | 445 | pcap | raw alerts ruleset |
http 1 line |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:16:28:00 | Win2K-f | 190.174.178.68 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:16:47:00 | Win2K-f | 173.22.154.138 (-): . |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
38 of 41 | 6a82948d13 NEW |
none[none] | none:none |
none|none | none | none |
| T:16:49:00 | WinXP | 91.141.44.50 (I-ONE.AT): NETWORK OF ONE GMBH, VIENNA, WIEN, AT. |
66.252.13.214:2081 | FR:sys.zief.pl CN:gidromash.cn :nenastiya.cn CN:ottopay.cn CN:config.iwillhavesexygirls.com :wws.mobiec.net CN:russia.2288.org :xz.ub9.net :bfkq.com CN:js.users.51.la CN:icon.ajiang.net CN:web2.51.la US:s.unicat.org US:64.235.53.208:80 74.54.201.210:8392 |
445 | pcap | raw alerts ruleset |
ftp http irc 37 lines |
Yeah : 1.3 profile |
none | summary tarball |
12 of 41 17 of 41 39 of 41 1 of 40 15 of 41 8 of 41 |
0bf56c2646 NEW 285ae9c307 NEW 7f04853173 NEW 9ba2752f0b NEW c9002a685b NEW dedb9bcef0 NEW |
8d5b1dcc07 [0] none [none] none [none] none [none] none [none] 23233d4cd8[0] |
none:none none:none none:none none:none none:none none:none |
StarForce| none|none none|none none|none none|none Xtreme-Pr| |
none none none none none none |
trace none none none none trace |
| T:16:49:00 | Win2K-f | 187.6.29.29 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:17:09:00 | Win2K-f | 122.121.18.56 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
66.252.13.214:9890 | US:f.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 33 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 31 | e8d4d8cde1 NEW |
none[0] | none:none |
ASProtect| | lines=585 embedded dns |
trace |
| T:17:18:00 | WinXP | 61.231.216.16 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 35 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| T:17:30:00 | WinXP | 125.228.241.43 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 78 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| T:17:40:00 | Win2K-f | 187.22.134.141 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
other 0 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:17:53:00 | Win2K-f | 189.121.128.182 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:18:03:00 | WinXP | 125.233.144.7 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
66.252.13.214:2081 | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | e309edc289 NEW |
none[none] | none:none |
none|none | none | none |
| T:18:09:00 | WinXP | 115.163.184.147 (-): . |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 54 lines |
Yeah : 1.3 profile |
none | summary tarball |
38 of 41 | fe37b448e8 NEW |
c5677fc164 [0] | none:none |
none|none | none | trace |
| T:18:16:00 | Win2K-f | 77.29.136.38 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | 139 | pcap | raw alerts ruleset |
ftp 12 lines |
Yeah : 0.8 profile |
none | summary tarball |
13 of 40 | 88ae32e138 NEW |
none[none] | none:none |
none|none | none | none | |
| T:18:17:00 | Win2K-f | 114.39.152.20 (-): . |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| T:18:20:00 | Win2K-f | 98.121.70.16 (-): . |
n/a | 135 | pcap | raw alerts ruleset |
other 5 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:18:29:00 | WinXP | 114.42.161.83 (-): . |
66.252.13.214:2081 | :s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 37 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| T:18:37:00 | Win2K-f | 122.121.12.64 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
66.252.13.214:2081 | :s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 25 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 70500e59f4 NEW |
none[none] | none:none |
none|none | none | none |
| T:18:51:00 | WinXP | 24.31.145.166 (RR.COM): ROAD RUNNER HOLDCO LLC, PORTLAND, MAINE, US. |
211.233.45.253:3305 | JP:cx10man.weedns.com JP:fx010413.whyI.org JP:gynoman.weedns.com KR:g.0x20.biz JP:c010x1.co.cc JP:commgr.co.cc KR:telephone.dd.blueline.be JP:61.120.62.28:3305 |
135 | pcap | raw alerts ruleset |
irc 578 lines |
Yeah : 1.8 profile |
none | summary tarball |
38 of 41 | 3e30dc90de NEW |
none[none] | none:none |
none|none | none | none |
| T:18:55:00 | WinXP | 63.151.109.189 (SONIC.COM): ST OF TX - GEUS, ASHLAND, OREGON, US. |
213.219.245.212:80 | RU:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | ed96c03ca8 NEW |
c0028e9e98 [0] | none:none |
PolyEnE| | none | trace |
| T:18:57:00 | WinXP | 77.29.137.218 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
87.118.98.185:7000 | :sobiesk1.myftp.org DE:87.118.98.185:7000 |
139 | pcap | raw alerts ruleset |
ftp irc 23 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 40 | 88ae32e138 NEW |
none[none] | none:none |
none|none | none | none |
| T:19:10:00 | WinXP | 189.33.235.6 (BRASILTELECOM.NET.BR): COMITE GESTOR DA INTERNET NO BRASIL, BR. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | 47ccab1e18 NEW |
none[none] | none:none |
none|none | none | none |
| T:19:21:00 | WinXP | 69.85.112.164 (SPEAKEASY.NET): US. |
n/a | RU:citi-bank.ru RU:213.219.245.212:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 35 | 9716d7995a NEW |
c3a5354b6f [0] | none:none |
PolyEnE| | none | trace |
| T:19:32:00 | WinXP | 213.39.141.122 (HANSENET.DE): HANSENET TELEKOMMUNIKATION GMBH, HAMBURG, HAMBURG, DE. (DSL) |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| T:19:42:00 | WinXP | 190.174.4.226 (-): . |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | 00cc506b3e NEW |
none[none] | none:none |
none|none | none | none |
| T:19:46:00 | Win2K-f | 125.228.233.34 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| T:19:47:00 | WinXP | 112.202.6.89 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
ftp 13 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:19:50:00 | Win2K-f | 189.5.138.193 (BRASILTELECOM.NET.BR): COMITE GESTOR DA INTERNET NO BRASIL, GOIâNIA, GOIáS, BR. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| T:19:59:00 | Win2K-f | 211.110.179.251 (HAEDONGTEK.CO.KR): THRUNET CO. LTD, SEOUL, KYONGGI-DO, KR. |
91.212.220.156:65520 | EU:proxim.ircgalaxy.pl CN:gidromash.cn CN:ottopay.cn :www.petdoso.com :nenastiya.cn :bfkq.com US:jsactivity.com :search.toptravellingtips.com US:linktoyoursitehere.info :sendfan.com :searchchocolates.com 174.133.126.2:8392 174.133.34.178:80 174.36.176.242:81 74.54.201.210:8392 FR:91.121.221.157:65520 EU:91.212.220.156:65520 |
139 | pcap | raw alerts ruleset |
irc http 120 lines |
Yeah : 1.3 profile |
none | summary tarball |
12 of 41 0 of 41 21 of 41 8 of 41 1 of 40 9 of 41 8 of 41 38 of 41 |
0bf56c2646 NEW 14cabeaae9 NEW 1b7635d92c NEW 6b4c336a8a NEW 9ba2752f0b NEW ab9af7c472 NEW dedb9bcef0 NEW f681ae426c NEW |
8d5b1dcc07 [0] none [none] 28cf6965a6[0] none [none] none [none] none [none] 23233d4cd8[0] none [none] |
none:none none:none none:none none:none none:none none:none none:none none:none |
StarForce| none|none MEW| none|none none|none none|none Xtreme-Pr| none|none |
none none none none none none none none |
trace none trace none none none trace none |
| 20:01:00 | WinXP | 211.110.179.251 (HAEDONGTEK.CO.KR): THRUNET CO. LTD, SEOUL, KYONGGI-DO, KR. |
91.121.221.157:65520 | CN:gidromash.cn CN:ottopay.cn :www.petdoso.com :nenastiya.cn CN:config.iwillhavesexygirls.com :wws.mobiec.net :bfkq.com CN:russia.2288.org CN:js.users.51.la CN:icon.ajiang.net CN:web2.51.la US:xz.ub9.net US:jsactivity.com :pk.ub9.net 174.133.126.2:8392 174.133.57.141:80 74.54.201.210:8392 |
139 | pcap | raw alerts ruleset |
irc http 33 lines |
Yeah : 1.3 profile |
none | summary tarball |
12 of 41 21 of 41 17 of 41 15 of 41 8 of 41 27 of 40 22 of 41 |
0bf56c2646 NEW 1b7635d92c NEW 285ae9c307 NEW c9002a685b NEW dedb9bcef0 NEW e8de193982 NEW e8efdff2bd NEW |
8d5b1dcc07 [0] 28cf6965a6[0] none [none] none [none] 23233d4cd8[0] f53bdf64cf[0] cb8113a617[0] |
none:none none:none none:none none:none none:none none:none none:none |
StarForce| MEW| none|none none|none Xtreme-Pr| StarForce| StarForce| |
none none none none none none none |
trace trace none none trace trace trace |
| T:20:12:00 | Win2K-f | 173.22.146.125 (-): . |
n/a | :search.biduplinks.co.uk GB:www.biduplinks.co.uk :search.smarturl.co.uk :hophealth.com 74.55.140.90:80 |
445 | pcap | raw alerts ruleset |
http irc 89 lines |
Yeah : 0.8 profile |
none | summary tarball |
15 of 41 | 872014ce6a NEW |
none[none] | none:none |
none|none | none | none |
| T:20:16:00 | WinXP | 95.90.7.90 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:20:37:00 | Win2K-f | 119.234.18.148 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:20:55:00 | WinXP | 61.231.190.68 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| T:20:58:00 | Win2K-f | 125.163.33.166 (TELKOM.NET.ID): TLKM_D3_BB_SPEEDY_BD, JAKARTA, JAKARTA RAYA (DJAKARTA RAYA), ID. |
n/a | EE:www.starman.ee :pornobiffen.info US:advcacy.com US:gameesrb.info US:durrastiorn.info US:dnschecker.net US:wellnesshour.info US:gardendebt.com US:chicagocomputerlessons.com US:prorgnorsis.info |
445 | pcap | raw alerts ruleset |
other 0 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 20:59:00 | WinXP | 70.64.212.40 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, MOOSE JAW, SASKATCHEWAN, CA. (DSL) |
213.219.245.212:80 | RU:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | 912a073945 NEW |
7874c7f21e [0] | none:none |
PolyEnE| | none | trace |
| T:21:09:00 | WinXP | 220.136.71.101 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TAIPEI, T'AI-PEI, TW. |
66.252.13.214:2081 | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp irc 38 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | c9f65ef422 NEW |
7c95df9a67 [0] | none:none |
none|none | none | trace |
| T:21:16:00 | Win2K-f | 114.48.224.12 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:21:21:00 | WinXP | 90.143.146.131 (SWIP.NET): SWIPNET, SE. |
n/a | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
7 of 41 | 0d9d766f17 NEW |
7d5360a3a6 [0] | none:none |
Armadillo| | none | trace | |
| T:21:28:00 | WinXP | 77.29.129.74 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
87.118.98.185:7000 | DE:sobiesk1.myftp.org DE:87.118.98.185:7000 |
139 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 40 | 88ae32e138 NEW |
none[none] | none:none |
none|none | none | none |
| T:21:39:00 | WinXP | 95.88.19.130 (-): . |
66.252.13.214:2081 | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp irc 40 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| T:21:39:00 | WinXP | 212.106.28.178 (POLBOX.PL): POLBOX, PL. |
87.118.98.185:7000 | DE:sobiesk1.myftp.org DE:87.118.98.185:7000 |
139 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 40 | 88ae32e138 NEW |
none[none] | none:none |
none|none | none | none |
| T:21:44:00 | Win2K-f | 114.46.107.227 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
33 of 41 | 7089e5b7c0 NEW |
af3b3abd81 [0] | none:none |
Mew| | none | trace | |
| T:22:02:00 | Win2K-f | 173.168.126.223 (-): . |
n/a | FI:cx10man.weedns.com AR:fx010413.whyI.org KR:gynoman.weedns.com TH:g.0x20.biz KR:telephone.dd.blueline.be JP:61.120.62.28:3305 |
135 | pcap | raw alerts ruleset |
irc 606 lines |
Yeah : 1.3 profile |
none | summary tarball |
40 of 41 | 56ba476afd NEW |
none[none] | none:none |
none|none | none | none |
| T:22:10:00 | Win2K-f | 114.47.84.222 (-): . |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 70500e59f4 NEW |
none[none] | none:none |
none|none | none | none |
| T:22:15:00 | WinXP | 114.43.6.98 (-): . |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 21 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 8abb75cb76 NEW |
d343494cab [0] | none:none |
none|none | none | trace |
| T:22:17:00 | Win2K-f | 114.41.193.77 (-): . |
66.252.13.214:2081 | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| 22:18:00 | Win2K-f | 80.99.145.152 (BROADBAND.HU): UPC MAGYARORSZAG KFT, DEBRECEN, HAJDU-BIHAR, HU. |
n/a | US:204.152.184.139:80 |
445 | pcap | raw alerts ruleset |
http 15 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:22:22:00 | WinXP | 114.45.162.99 (-): . |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 41 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |
| 22:28:00 | Win2K-f | 190.102.214.47 (-): . |
n/a | US:www.msn.com :lsiydg.biz :pqgqhyz.biz :qxwioep.net :xpicmiqg.com :wzsuxbebg.org :ljvmr.net :jfxwwvcvzzc.net :gntzxsfn.biz US:rjvhbu.org NL:ijbip.info :qwcjbvl.net US:aztxg.info :nrkdzx.net US:zncvgafqnfz.info US:ylllrcfe.info :lknwo.info NL:otyvuuygi.org :hrdyl.biz :noskg.biz US:ekybyd.org :rzpsyyrlsxs.info NL:ohceuhvynz.info US:sxkgcncv.org :gqufwhz.net :phyjfrk.net :pifxaytdpy.biz :gbugg.org NL:xdxfae.info US:bidhjkfjhad.info :oatmifze.net US:tjsgqb.org :xuqzpffpfu.net :eadudxzi.com :kiapsupywjn.biz :xpcfcbnd.biz :mpkrjit.biz :wjoql.com :rrnicdll.net NL:etcwzkgx.org :otznwvcex.com US:ijypaufisb.org :rwhghqmn.biz :ipabjua.com :gojbdodm.net NL:arcfgtjwk.org US:hfbeaguouf.org :jgouqpp.com :yhqvuggl.net :xpltwnyo.com :zrvjjyh.biz US:204.152.184.139:80 US:74.208.64.145:80 |
445 | pcap | raw alerts ruleset |
http 24 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 22:39:00 | Win2K-f | 79.126.58.26 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | US:204.152.184.139:80 |
445 | pcap | raw alerts ruleset |
http 7 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:22:41:00 | Win2K-f | 114.48.144.59 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 22:50:00 | Win2K-f | 217.144.222.146 (NET.PL): INTERNET SOLUTIONS ISP, TARNOW, MALOPOLSKIE, PL. |
n/a | US:204.152.184.139:80 |
445 | pcap | raw alerts ruleset |
http 3 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:22:54:00 | Win2K-f | 96.48.112.42 (-): . |
n/a | 135 | pcap | raw alerts ruleset |
other 455 lines |
Yeah : 1.3 profile |
none | summary tarball |
38 of 41 | 88d0adb0e6 NEW |
none[none] | none:none |
none|none | none | none | |
| T:22:55:00 | WinXP | 60.236.96.229 (MESH.AD.JP): NEC CORPORATION, JP. |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | fd386495e1 NEW |
411723ff7f [0] | none:none |
none|none | none | trace |
| T:22:57:00 | WinXP | 118.101.4.20 (-): . |
66.252.13.214:2081 | US:s.unicat.org | 445 | pcap | raw alerts ruleset |
ftp irc 44 lines |
Yeah : 1.3 profile |
none | summary tarball |
41 of 41 | 8f628f65cf NEW |
none[none] | none:none |
none|none | none | none |
| 23:03:00 | Win2K-f | 87.2.58.159 (RETAIL.TELECOMITALIA.IT): TELECOM ITALIA S.P.A. TIN EASY LITE, PADOVA, VENETO, IT. |
n/a | US:204.152.184.139:80 |
445 | pcap | raw alerts ruleset |
http 5 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:23:06:00 | Win2K-f | 77.37.213.148 (NCNET.RU): NCN-INFRA, RU. |
n/a | 445 | pcap | raw alerts ruleset |
other 0 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:23:10:00 | Win2K-f | 61.229.4.249 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TAIPEI, T'AI-PEI, TW. |
n/a | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
39 of 41 | bd5434d6d0 NEW |
none[none] | none:none |
none|none | none | none |
| 23:10:00 | Win2K-f | 114.123.66.126 (-): . |
n/a | US:trafficconverter.biz US:204.152.184.139:80 |
445 | pcap | raw alerts ruleset |
http 17 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:23:16:00 | WinXP | 78.50.113.183 (ALICEDSL.DE): HANSENET TELEKOMMUNIKATION GMBH, HAMBURG, HAMBURG, DE. (DSL) |
n/a | 445 | pcap | raw alerts ruleset |
other 0 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 23:21:00 | Win2K-f | 95.24.93.78 (-): . |
n/a | US:204.152.184.139:80 |
445 | pcap | raw alerts ruleset |
http 10 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 23:32:00 | Win2K-f | 78.139.174.240 (-): CAUCASUS NETWORK LTD, GE. |
n/a | US:204.152.184.139:80 |
445 | pcap | raw alerts ruleset |
http 12 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:23:40:00 | WinXP | 86.63.84.101 (COM.PL): ASTA-NET CUSTOMERS, PL. |
n/a | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
39 of 41 | b8c95397b8 NEW |
none[none] | none:none |
none|none | none | none |
| T:23:40:00 | Win2K-f | 220.141.0.80 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
n/a | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
37 of 41 | e309edc289 NEW |
none[none] | none:none |
none|none | none | none |
| 23:44:00 | Win2K-f | 114.41.215.121 (-): . |
n/a | US:trafficconverter.biz US:204.152.184.139:80 |
445 | pcap | raw alerts ruleset |
http 9 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:23:47:00 | WinXP | 91.67.178.249 (SUPERKABEL.DE): KABEL DEUTSCHLAND BREITBAND SERVICE GMBH, DE. |
n/a | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
39 of 41 | d9b0761214 NEW |
none[none] | none:none |
none|none | none | none |
| T:23:57:00 | Win2K-f | 77.22.70.66 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
36 of 36 | cd6e300a29 NEW |
fba970f3f2 [0] | none:none |
StarForce| | none | trace |
| 23:57:00 | Win2K-f | 207.5.188.179 (GWI.NET): GREAT WORKS INTERNET, SHAPLEIGH, MAINE, US. (DSL) |
n/a | US:www.maxmind.com US:www.getmyip.org :checkip.dyndns.org US:getmyip.co.uk US:204.152.184.139:80 208.78.70.70:80 US:65.254.39.170:80 US:75.126.138.202:80 |
445 | pcap | raw alerts ruleset |
http 2 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:23:59:00 | WinXP | 220.131.64.27 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
n/a | US:s.unicat.org US:66.252.13.214:2081 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
37 of 41 | 67a66839f7 NEW |
7b1fc808a3 [0] | none:none |
none|none | none | trace |