Portal Home > Knowledgebase > Transparency Report > 27/11/2013 [HACK] Shadowserver Foundation @ Netherlands 16 (80)

27/11/2013 [HACK] Shadowserver Foundation @ Netherlands 16 (80)

"timestamp","ip","asn","geo","url","type","http_agent","tor","src_port","p0f_genre","p0f_detail","hostname","dst_port","http_host","http_referer","http_referer_asn","http_referer_geo","dst_ip","dst_asn","dst_geo"
"2013-11-25 22:32:53","46.19.35.11",196752,"NL","GET / HTTP/1.0","downadup","Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; .NET CLR 1.1.4322; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)",,1671,,,,80,"trafficconverter.biz",,,,"38.102.150.28",174,"US"

Action that has been taken from Proxy.sh: The above information relates to a security report sent by Shadowserver Foundation to our datacenter. The domain in question is used for spam and illegal network penetration. We have nulled destination to trafficconverter.biz (38.102.150.28) on this server. Datacenter also requested active logging/monitoring via Wireshark to identify infringer, but we denied this request with respect to our ethics and terms that guarantee the protection of your privacy.
Related Knowledgebase Articles