Multiperspective Malware Analysis Page

Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

21 December 2008
<prev> <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]

Time
Victim
OS
Infection
Source
C&C
Server
DNS Lookups &
Failed Connects Infection
Port
Packet
Trace
Detection
Signatures
Infection
Chatter
BotHunter
Analysis
Behavioral
Cluster
Forensic
Logs
Antivirus
Labels
Packed Malware_Binary Unpacked egg.exe
Unpacked egg.asm
Packer PEID
Data Strings
Syscall Trace

00:05:00 Win2K-f 118.168.189.240 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:06:00 Win2K-f 220.184.68.211 (163DATA.COM.CN):
CHINANET-ZJ HANGZHOU NODE NETWORK,
HANGZHOU, ZHEJIANG, CN. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:07:00 Win2K-f 202.70.32.98 (-):
THE FIRST E-COMMERCE ISP IN MONGOLIA. WE PROVIDE,
ULAANBAATAR, ULAANBAATAR, MN. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:12:00 Win2K-f 189.43.112.130 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:17:00 Win2K-f 24.78.163.91 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
NORTH VANCOUVER, BRITISH COLUMBIA, CA. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:17:00 Win2K-f 118.168.189.240 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:27:00 Win2K-f 12.120.15.38 (ATT.NET):
AT&T WORLDNET SERVICES,
MORRISTOWN, NEW JERSEY, US. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:29:00 Win2K-f 119.140.51.101 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:30:00 Win2K-f 118.231.71.63 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:31:00 Win2K-f 219.152.84.118 (163DATA.COM.CN):
CHINANET CHONGQING PROVINCE NETWORK,
CHONGQING, CHONGQING, CN. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

00:32:00 Win2K-f 59.105.92.27 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:33:00 Win2K-f 87.10.165.251 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
ALAGNA VALSESIA, PIEMONTE, IT. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:35:00 Win2K-f 59.105.92.27 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:43:00 Win2K-f 208.98.43.120 (SHARKTECH.NET):
SHARKTECH INTERNET SERVICES,
MISSOULA, MONTANA, US. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:44:00 Win2K-f 122.55.164.224 (PLDT.NET):
IPG,
PH. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:44:00 Win2K-f 60.162.82.56 (163DATA.COM.CN):
CHINANET-ZJ TAIZHOU NODE NETWORK,
CN. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

T:00:51:00 Win2K-f 117.39.75.194 (163DATA.COM.CN):
CHINANET SHANXI(SN) PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:56:00 Win2K-f 89.125.95.13 (-):
IBIS-PA-NAVINI-NET,
DUBLIN, DUBLIN, IE. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:59:00 Win2K-f 124.83.19.85 (PLDT.NET):
BNKC7300I01_CONSUMER,
PH. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:230 hits: 11-25 to 12-20] none[3] none:none
Armadillo| none trace

T:01:01:00 Win2K-f 92.51.70.146 (IKBCC.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:04:00 Win2K-f 217.112.24.195 (-):
NETWORK FOR GRANDSOFTCITY,
MOSCOW, MOSKVA, RU. n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:07:00 Win2K-f 217.23.26.242 (NNOV.RU):
PROVIDER LOCAL REGISTRY,
RU. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 139 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:08:00 Win2K-f 94.75.216.75 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:12:00 Win2K-f 217.23.26.242 (NNOV.RU):
PROVIDER LOCAL REGISTRY,
RU. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 139 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:16:00 Win2K-f 218.63.56.74 (CN.NET):
CHINANET YUNNAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:17:00 Win2K-f 125.201.205.135 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP. (DSL) n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:17:00 Win2K-f 95.104.3.47 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:20:00 Win2K-f 170.51.37.104 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

01:22:00 Win2K-f 211.20.144.65 (SANGMIN.COM.TW):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:31:00 Win2K-f 219.86.200.143 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:32:00 Win2K-f 122.127.134.26 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

01:33:00 Win2K-f 200.112.153.139 (NET.AR):
BROADBANDTECH S. A,
AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:33:00 Win2K-f 122.127.134.26 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:37:00 Win2K-f 79.127.122.108 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:38:00 Win2K-f 60.250.72.223 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:42:00 Win2K-f 79.127.122.108 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:47:00 Win2K-f 156.110.83.20 (OK.US):
OKLAHOMA STATE REGENTS FOR HIGHER EDUCATION,
OKLAHOMA CITY, OKLAHOMA, US. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:50:00 Win2K-f 92.80.167.36 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

01:52:00 Win2K-f 186.9.145.182 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:53:00 Win2K-f 83.97.150.208 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80
ES:83.97.150.208:8275 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:55:00 Win2K-f 208.75.188.10 (-):
FLOWLINELIQUIDLEVEL.NET,
DE. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:59:00 Win2K-f 85.152.60.249 (CM-85-152-59-10.TELECABLE.ES):
TELECABLE,
ES. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:595 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

T:01:59:00 Win2K-f 116.11.173.208 (163DATA.COM.CN):
CHINANET GUANGXI PROVINCE NETWORK,
NANNING, GUANGXI, CN. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

T:02:00:00 Win2K-f 12.120.15.38 (ATT.NET):
AT&T WORLDNET SERVICES,
MORRISTOWN, NEW JERSEY, US. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:04:00 Win2K-f 170.51.37.104 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

T:02:05:00 Win2K-f 59.114.45.183 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:09:00 Win2K-f 81.97.213.56 (NTL.COM):
NTL INFRASTRUCTURE - ACTON,
LONDON, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:10:00 Win2K-f 206.12.10.50 (BC.NET):
BCNET,
CA. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:15:00 Win2K-f 200.112.153.139 (NET.AR):
BROADBANDTECH S. A,
AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:19:00 Win2K-f 59.104.7.25 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:20:00 Win2K-f 85.152.172.252 (CM-85-152-59-10.TELECABLE.ES):
TELECABLE,
ES. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:22:00 Win2K-f 115.80.115.164 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

02:28:00 Win2K-f 71.106.158.224 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
WHITTIER, CALIFORNIA, US. (DSL) n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

02:29:00 Win2K-f 85.152.172.252 (CM-85-152-59-10.TELECABLE.ES):
TELECABLE,
ES. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:35:00 Win2K-f 217.20.121.42 (EDV-BUCHVERSAND.DE):
NETDIRECT-NET-DEINPROVIDER,
DE. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:38:00 Win2K-f 59.115.214.190 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:38:00 Win2K-f 60.184.213.187 (163DATA.COM.CN):
CHINANET-ZJ LISHUI NODE NETWORK,
LISHUI, GUANGDONG, CN. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:39:00 Win2K-f 69.15.102.69 (-):
INSIGHT RESEARCH,
ATLANTA, GEORGIA, US. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:40:00 Win2K-f 222.48.14.237 (HERBALQC.COM):
CHINA RAILWAY TELECOMMUNICATIONS CENTER,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:44:00 Win2K-f 117.61.82.168 (163DATA.COM.CN):
CHINANET JIANGSU PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

02:49:00 Win2K-f 61.59.139.86 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:51:00 Win2K-f 123.204.75.181 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:52:00 Win2K-f 82.252.195.232 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:57:00 Win2K-f 124.8.250.215 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:58:00 Win2K-f 186.12.54.238 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

03:01:00 Win2K-f 220.184.68.211 (163DATA.COM.CN):
CHINANET-ZJ HANGZHOU NODE NETWORK,
HANGZHOU, ZHEJIANG, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:06:00 Win2K-f 118.232.8.70 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:07:00 Win2K-f 61.56.170.129 (UBBN.NET):
UNION CABLE TV CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:10:00 Win2K-f 190.227.40.168 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 71afca1665
[Firefox:59 hits: 11-23 to 12-20] none[3] none:none
StarForce| none trace

03:11:00 Win2K-f 92.51.70.146 (IKBCC.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:11:00 Win2K-f 59.121.43.242 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:15:00 Win2K-f 186.12.88.236 (-):
. n/a US:www.maxmind.com
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:16:00 Win2K-f 210.5.34.111 (-):
BROADBAND ISP FOR SCREEN MEDIA INDUSTRIES,
AU. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:24:00 Win2K-f 118.171.230.214 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:26:00 Win2K-f 222.48.14.237 (HERBALQC.COM):
CHINA RAILWAY TELECOMMUNICATIONS CENTER,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:30:00 Win2K-f 222.89.31.161 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:31:00 Win2K-f 221.127.70.249 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:31:00 Win2K-f 59.121.43.242 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:31:00 Win2K-f 85.70.173.121 (IOL.CZ):
XDSL NETWORK-ADSL,
PRAGUE, HLAVNI MESTO PRAHA, CZ. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

T:03:32:00 Win2K-f 118.171.230.214 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:41:00 Win2K-f 121.33.25.164 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:446 hits: 11-21 to 12-20] none[3] none:none
StarForce| none trace

T:03:42:00 Win2K-f 61.47.61.218 (ICSPACE.NET):
PACIFIC INTERNET THAILAND,
TH. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:45:00 Win2K-f 125.224.177.213 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

03:46:00 Win2K-f 61.47.61.218 (ICSPACE.NET):
PACIFIC INTERNET THAILAND,
TH. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:52:00 Win2K-f 122.123.232.172 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:56:00 Win2K-f 60.184.213.187 (163DATA.COM.CN):
CHINANET-ZJ LISHUI NODE NETWORK,
LISHUI, GUANGDONG, CN. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:57:00 Win2K-f 220.131.165.28 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:59:00 Win2K-f 200.35.226.15 (SUPERCABLE.NET.VE):
SUPERCABLE,
CARACAS, DISTRITO FEDERAL, VE. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:01:00 Win2K-f 74.87.228.125 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:04:00 Win2K-f 92.84.228.174 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 216ec67841
[Firefox:128 hits: 11-20 to 12-20] none[3] none:none
StarForce| none trace

04:06:00 Win2K-f 91.98.159.211 (-):
PARS,
IR. n/a 139 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

04:11:00 Win2K-f 62.72.228.1 (MULTI.FI):
- OY MULTI.FI FINLAND AB LTD,
KOKKOLA, LANSI-SUOMEN LAANI, FI. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

04:16:00 Win2K-f 92.84.228.174 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 216ec67841
[Firefox:128 hits: 11-20 to 12-20] none[3] none:none
StarForce| none trace

T:04:17:00 Win2K-f 190.188.134.66 (NET.AR):
PRIMA S.A,
AR. n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

T:04:20:00 Win2K-f 84.54.214.118 (-):
LERMONTOV TOWN TELEGRAF-TELEPHONE OFFICE,
LERMONTOV, STAVROPOL'SKIY KRAY, RU. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:22:00 Win2K-f 201.234.162.37 (COM.AR):
COOPERATIVA VILLA DEL ROSARIO (COOVILROS),
ROSARIO, SANTA FE, AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 3862324588
[Firefox:79 hits: 11-29 to 12-20] none[3] none:none
UPX| none trace

04:24:00 Win2K-f 61.56.170.129 (UBBN.NET):
UNION CABLE TV CO. LTD,
TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:26:00 Win2K-f 116.52.124.216 (CN.NET):
CHINANET YUNNAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:29:00 Win2K-f 60.52.64.79 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
BATU PAHAT, JOHOR, MY. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:122 hits: 11-26 to 12-20] none[3] none:none
Armadillo| none trace

T:04:31:00 Win2K-f 87.62.135.7 (ADSL-DHCP.TELE.DK):
TDC-TELEDANMARK-BREDBAANDSADSL-NET,
DK. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:33:00 Win2K-f 87.62.135.7 (ADSL-DHCP.TELE.DK):
TDC-TELEDANMARK-BREDBAANDSADSL-NET,
DK. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:34:00 Win2K-f 117.65.95.239 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:35:00 Win2K-f 61.11.55.89 (ETH.NET):
VIDESH SANCHAR NIGAM LTD - INDIA,
HYDERABAD, ANDHRA PRADESH, IN. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:41:00 Win2K-f 170.51.59.62 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 3862324588
[Firefox:79 hits: 11-29 to 12-20] none[3] none:none
UPX| none trace

T:04:43:00 Win2K-f 121.33.25.164 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:446 hits: 11-21 to 12-20] none[3] none:none
StarForce| none trace

T:04:44:00 Win2K-f 203.73.46.144 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:45:00 Win2K-f 201.234.162.230 (COM.AR):
COOPERATIVA VILLA DEL ROSARIO (COOVILROS),
ROSARIO, SANTA FE, AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 3862324588
[Firefox:79 hits: 11-29 to 12-20] none[3] none:none
UPX| none trace

04:49:00 Win2K-f 59.124.84.1 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:59:00 Win2K-f 114.47.83.239 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:59:00 Win2K-f 118.120.146.49 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:01:00 Win2K-f 85.95.187.173 (SARANSK.RU):
BRANCH IN MORDOVIAN REPUBLIC,
RU. (DIAL) n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:02:00 Win2K-f 59.104.252.239 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:04:00 Win2K-f 123.204.80.90 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:06:00 Win2K-f 69.15.102.69 (-):
INSIGHT RESEARCH,
ATLANTA, GEORGIA, US. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:09:00 Win2K-f 190.49.39.189 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:09:00 Win2K-f 116.52.124.216 (CN.NET):
CHINANET YUNNAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:12:00 Win2K-f 114.101.183.93 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:14:00 Win2K-f 87.110.0.237 (-):
ADDRESS POOL FOR LTC-HOME CUSTOMERS,
RIGA, RIGA, LV. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:17:00 Win2K-f 122.127.50.104 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:21:00 Win2K-f 114.101.183.93 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:24:00 Win2K-f 220.163.192.91 (CN.NET):
CHINANET YUNNAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:27:00 Win2K-f 122.118.87.85 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:29:00 Win2K-f 203.73.46.144 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:32:00 Win2K-f 212.68.53.20 (-):
NETWING,
AT. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

T:05:37:00 Win2K-f 61.59.146.12 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:40:00 Win2K-f 78.49.15.85 (ALICEDSL.DE):
HANSENET TELEKOMMUNIKATION GMBH,
HAMBURG, HAMBURG, DE. (DSL) n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:42:00 Win2K-f 118.169.171.67 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:44:00 Win2K-f 200.107.35.150 (ANDINANET.NET):
ANDINATEL S.A,
QUITO, PICHINCHA, EC. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 4f88618d4f
[Firefox:58 hits: 11-29 to 12-20] none[3] none:none
UPX| none trace

05:51:00 Win2K-f 122.118.87.85 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:54:00 Win2K-f 87.121.148.234 (NETERRA.NET):
NETERRAIP,
BG. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:122 hits: 11-26 to 12-20] none[3] none:none
Armadillo| none trace

05:55:00 Win2K-f 202.132.246.80 (TTN.NET):
TAIWAN TELECOMMUNICATION NETWORK SERVICES CO. LTD,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:58:00 Win2K-f 189.62.112.40 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

05:58:00 Win2K-f 201.69.133.42 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:59:00 Win2K-f 77.20.37.21 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:07:00 Win2K-f 212.18.79.67 (EYE-TREK.COM):
PELIKAN & PARTNER,
DE. (DIAL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:09:00 Win2K-f 201.172.20.218 (MULTIMEDIOS.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MX. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

T:06:09:00 Win2K-f 85.122.40.140 (RNC.RO):
RNC,
RO. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:13:00 Win2K-f 72.37.161.170 (-):
SIRIUS TELECOM,
SANTA BARBARA, CALIFORNIA, US. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:14:00 Win2K-f 189.87.218.77 (-):
. n/a US:www.maxmind.com
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:17:00 Win2K-f 94.76.208.43 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:22:00 Win2K-f 122.117.247.150 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:26:00 Win2K-f 170.51.59.62 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 3862324588
[Firefox:79 hits: 11-29 to 12-20] none[3] none:none
UPX| none trace

06:30:00 Win2K-f 190.50.52.138 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

06:31:00 WinXP 211.24.141.198 (TIME.NET.MY):
TIME TELECOMMUNICATIONS SDN BHD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a US:microsoft.com 135 pcap raw alerts
ruleset other
76 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:4110 hits: 06-17 to 12-20]
73f1082158
[Firefox:2043 hits: 06-18 to 12-20] 1473091351 [0]
none [0] ASM:Graph
none:none
tElock|
Armadillo| lines=75
embedded dns
lines=90 trace
trace

T:06:31:00 Win2K-f 122.117.159.82 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:32:00 Win2K-f 94.51.164.171 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:33:00 Win2K-f 186.12.11.26 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

06:36:00 Win2K-f 78.39.74.90 (-):
INFORMATION TECHNOLOGY COMPANY (ITC),
IR. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:37:00 Win2K-f 190.30.144.67 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:44:00 Win2K-f 125.233.208.216 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:44:00 Win2K-f 221.126.239.248 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:45:00 Win2K-f 221.126.239.248 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:46:00 Win2K-f 81.41.74.73 (RIMA-TDE.NET):
TELEFONICA DE ESPANA SAU,
ES. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:49:00 Win2K-f 189.30.9.173 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
BR:189.30.9.173:7213
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:01:00 Win2K-f 124.105.176.37 (PLDT.NET):
CTAC7300I03_CONSUMER,
PH. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

T:07:01:00 Win2K-f 222.52.65.220 (HERBALQC.COM):
CHINA RAILWAY TELECOMMUNICATIONS CENTER,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:03:00 Win2K-f 186.12.11.26 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

T:07:04:00 Win2K-f 59.92.56.131 (10/24.BSNL.IN):
NIB (NATIONAL INTERNET BACKBONE),
CHENNAI, TAMIL NADU, IN. (DSL) n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

T:07:06:00 Win2K-f 78.38.78.226 (-):
INFORMATION TECHNOLOGY COMPANY (ITC),
IR. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:09:00 Win2K-f 124.66.108.185 (-):
CNC GROUP HAINAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:13:00 Win2K-f 77.22.29.41 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:230 hits: 11-25 to 12-20] none[3] none:none
Armadillo| none trace

07:13:00 Win2K-f 122.123.105.109 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:14:00 Win2K-f 119.84.159.189 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:20:00 Win2K-f 186.9.134.182 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:122 hits: 11-26 to 12-20] none[3] none:none
Armadillo| none trace

07:31:00 Win2K-f 190.64.5.239 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. (DIAL) n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:33:00 Win2K-f 124.66.108.185 (-):
CNC GROUP HAINAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

07:36:00 Win2K-f 64.16.220.108 (SAGONET.NET):
SAGO NETWORKS,
CHICAGO, ILLINOIS, US. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:37:00 Win2K-f 122.126.133.211 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:37:00 Win2K-f 91.67.44.96 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:38:00 Win2K-f 122.123.105.109 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:40:00 Win2K-f 114.48.171.122 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:46:00 Win2K-f 123.204.144.161 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:49:00 Win2K-f 93.81.131.71 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:49:00 Win2K-f 119.77.199.78 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:51:00 Win2K-f 93.81.131.71 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:58:00 Win2K-f 117.34.1.25 (163DATA.COM.CN):
CHINANET SHANXI(SN) PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:01:00 Win2K-f 91.67.44.96 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:04:00 Win2K-f 195.16.59.37 (IMS-CPM.RU):
INTEGRATED MARKETING OOO,
MOSCOW, MOSKVA, RU. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

08:06:00 Win2K-f 75.61.52.227 (SBCGLOBAL.NET):
PPPOX POOL - BRAS6.STLSMO,
SOUTH FORK, MISSOURI, US. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:09:00 Win2K-f 195.16.59.37 (IMS-CPM.RU):
INTEGRATED MARKETING OOO,
MOSCOW, MOSKVA, RU. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

T:08:15:00 Win2K-f 190.224.196.250 (-):
. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

08:16:00 Win2K-f 59.116.3.95 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:446 hits: 11-21 to 12-20] none[3] none:none
StarForce| none trace

T:08:19:00 Win2K-f 75.61.52.227 (SBCGLOBAL.NET):
PPPOX POOL - BRAS6.STLSMO,
SOUTH FORK, MISSOURI, US. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
GB:www.getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
3 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:21:00 Win2K-f 70.77.212.208 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. (DSL) n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:21:00 Win2K-f 125.233.208.216 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:26:00 Win2K-f 122.160.73.231 (122.AIRTELBROADBAND.IN):
ABTS-DSL-8972-DEL,
DELHI, DELHI, IN. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:26:00 Win2K-f 170.51.119.253 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

T:08:31:00 Win2K-f 59.104.98.14 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:34:00 Win2K-f 87.119.254.148 (SARANSK.RU):
BRANCH IN MORDOVIAN REPUBLIC OJSC VOLGATELECOM,
RU. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

T:08:36:00 Win2K-f 70.38.87.126 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:39:00 Win2K-f 117.101.212.31 (-):
BEIJING KUANDAITONG TELECOM TECHNOLOGY CO. LTD,
BEIJING, GUANGDONG, CN. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:40:00 Win2K-f 91.65.33.144 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:47:00 Win2K-f 66.199.235.242 (EZZI.NET):
EZZI.NET,
CHANTILLY, VIRGINIA, US. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:50:00 Win2K-f 86.9.139.40 (NTL.COM):
NTL INFRASTRUCTURE - CAMBRIDGE,
UK. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:50:00 Win2K-f 114.44.183.122 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:51:00 Win2K-f 89.44.92.48 (RDSNET.RO):
SC FANTASY PRODCOM SERV IMPEX SRL,
RO. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:55:00 Win2K-f 200.103.49.130 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DIAL) n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:56:00 Win2K-f 200.110.183.162 (COM.AR):
COOPERATIVA RURAL ELECTRICA DE BRAGADO LTDA,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

09:00:00 Win2K-f 70.77.212.208 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. (DSL) n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
CA:70.77.212.208:7555
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:04:00 Win2K-f 77.20.123.55 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:05:00 Win2K-f 170.51.119.253 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

09:08:00 Win2K-f 84.121.44.63 (ONO.COM):
CABLEUROPA - ONO,
ES. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:16:00 Win2K-f 151.97.240.22 (RILPRES.UNICT.IT):
UNIVERSITA' DI CATANIA,
CATANIA, SICILIA, IT. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:17:00 Win2K-f 213.21.28.108 (-):
CALLINO GMBH,
DE. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:446 hits: 11-21 to 12-20] none[3] none:none
StarForce| none trace

T:09:19:00 Win2K-f 121.120.88.202 (MAXIS.NET.MY):
MAXIS COMMUNICATIONS BHD,
MY. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:09:21:00 Win2K-f 219.86.81.150 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:26:00 Win2K-f 87.97.217.81 (GGBIT.NET):
EKK CATV PLOVDIV,
PLOVDIV, PLOVDIV, BG. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:27:00 Win2K-f 114.47.59.147 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:30:00 Win2K-f 93.177.131.76 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:35:00 Win2K-f 140.113.163.53 (TTCT.EDU.TW):
TAIWAN ACADEMIC NETWORK,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:35:00 Win2K-f 190.48.210.215 (COM.AR):
TELEFONICA DE ARGENTINA,
CIPOLLETTI, NEUQUEN, AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

09:35:00 Win2K-f 87.60.31.245 (BROADBAND.TELE.DK):
TELEDANMARK,
DK. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:40:00 Win2K-f 87.97.217.81 (GGBIT.NET):
EKK CATV PLOVDIV,
PLOVDIV, PLOVDIV, BG. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:40:00 Win2K-f 190.51.88.251 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:48:00 Win2K-f 84.74.184.249 (HISPEED.CH):
CABLECOMMAIN-NET,
ZURICH, ZURICH, CH. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:51:00 Win2K-f 93.177.131.76 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:52:00 Win2K-f 122.160.73.231 (122.AIRTELBROADBAND.IN):
ABTS-DSL-8972-DEL,
DELHI, DELHI, IN. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:53:00 Win2K-f 219.86.81.150 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:55:00 Win2K-f 189.74.134.243 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:58:00 Win2K-f 98.124.11.242 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:59:00 Win2K-f 62.201.120.105 (AXELERO.HU):
T-ONLINE CATV CLIENTS,
SZEGED, CSONGRAD, HU. n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 0fccd68408
[Firefox: 4 hits: 11-26 to 12-07] none[3] none:none
UPX| none trace

T:10:00:00 Win2K-f 84.74.184.249 (HISPEED.CH):
CABLECOMMAIN-NET,
ZURICH, ZURICH, CH. (DSL) n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:08:00 Win2K-f 62.121.96.176 (WAW.PL):
OTN DZIKA IP ASSIGNMENT,
WARSAW, MAZOWIECKIE, PL. n/a US:www.maxmind.com
GB:getmyip.co.uk
GB:www.getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
3 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:14:00 Win2K-f 190.55.242.65 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

10:18:00 Win2K-f 119.85.125.175 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:18:00 Win2K-f 116.71.167.201 (-):
PTCL TRIPLE PLAY PROJECT,
ISLAMABAD, ISLAMABAD, PK. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:20:00 Win2K-f 80.93.216.86 (TEKLAN.COM.TR):
DDESIGN REKLAM,
TR. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:23:00 Win2K-f 59.104.66.116 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:24:00 Win2K-f 190.48.30.183 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:24:00 Win2K-f 122.121.227.33 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:28:00 Win2K-f 201.173.24.112 (IFXNW.COM.MX):
NETWORK INFORMATION CENTER MEXICO,
MX. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

10:28:00 Win2K-f 200.46.107.122 (PSINETPA.NET):
NET2NET CORP,
PANAMA CITY, PANAMA, PA. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
PA:200.46.107.122:9767
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:32:00 Win2K-f 190.50.36.150 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

T:10:37:00 Win2K-f 212.106.55.97 (-):
TWELVENET,
UK. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:38:00 Win2K-f 190.0.137.99 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. (DIAL) n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:40:00 Win2K-f 190.48.21.97 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:42:00 Win2K-f 116.71.167.201 (-):
PTCL TRIPLE PLAY PROJECT,
ISLAMABAD, ISLAMABAD, PK. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:47:00 Win2K-f 88.43.60.22 (-):
NEW EUROPROGETTI S.R.L,
IT. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

10:51:00 Win2K-f 200.112.141.32 (NET.AR):
BROADBANDTECH S. A,
MENDOZA, MENDOZA, AR. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:53:00 Win2K-f 81.44.127.194 (RIMA-TDE.NET):
TELEFONICA DE ESPANA SAU,
MARBELLA, ANDALUCIA, ES. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

T:10:57:00 Win2K-f 59.112.32.192 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset lanman
http
27 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:58:00 Win2K-f 122.123.192.142 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:59:00 Win2K-f 77.22.191.114 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:02:00 Win2K-f 59.116.32.156 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:06:00 WinXP 86.2.80.70 (NTL.COM):
NTLI,
UK. (DSL) n/a UA:citi-bank.ru
DE:kidos-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 986b59708d
[Firefox:115 hits: 05-08 to 12-09] none[0] none:none
PolyEnE| lines=57 trace

11:06:00 Win2K-f 59.116.32.156 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:11:00 Win2K-f 65.37.0.186 (FRONTIERNET.NET):
FRONTIER COMMUNICATIONS OF AMERICA INC,
ROCHESTER, NEW YORK, US. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:446 hits: 11-21 to 12-20] none[3] none:none
StarForce| none trace

T:11:12:00 Win2K-f 88.2.179.84 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
VALENCIA, VALENCIA, ES. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:16:00 Win2K-f 62.201.120.105 (AXELERO.HU):
T-ONLINE CATV CLIENTS,
SZEGED, CSONGRAD, HU. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:17:00 Win2K-f 190.51.95.127 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

T:11:20:00 Win2K-f 69.42.52.90 (SCRATCHTELECOM.COM):
SCRATCH TELECOM,
CA. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:20:00 Win2K-f 200.107.124.21 (-):
SERCOM DE HONDURAS,
TEGUCIGALPA, FRANCISCO MORAZAN, HN. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:25:00 Win2K-f 190.48.21.97 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:27:00 Win2K-f 186.12.71.245 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

T:11:31:00 Win2K-f 76.79.130.164 (RR.COM):
ROAD RUNNER HOLDCO LLC,
HERNDON, VIRGINIA, US. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:36:00 Win2K-f 93.177.131.253 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:36:00 Win2K-f 190.49.186.163 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

11:36:00 Win2K-f 89.40.209.25 (SMANET.RO):
JUMP NETWORK SERVICES S.R.L,
RO. n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:46:00 Win2K-f 186.12.85.91 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

11:47:00 Win2K-f 201.173.34.150 (IFXNW.COM.MX):
NETWORK INFORMATION CENTER MEXICO,
MX. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

T:11:51:00 Win2K-f 201.47.186.76 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

T:11:56:00 Win2K-f 122.123.192.142 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:56:00 Win2K-f 201.236.233.160 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 4f88618d4f
[Firefox:58 hits: 11-29 to 12-20] none[3] none:none
UPX| none trace

11:57:00 Win2K-f 190.64.10.113 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. (DIAL) n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:01:00 Win2K-f 190.136.146.195 (NET.AR):
APOLO -GOLD-TELECOM-PER,
AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:02:00 Win2K-f 186.12.85.91 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

T:12:07:00 WinXP 87.196.40.230 (NET.NOVIS.PT):
NOVIS TELECOM S.A,
LISBON, LISBOA, PT. (DSL) n/a UA:citi-bank.ru
DE:kidos-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 36 of 38 6fba91932b
NEW 736a9255f6 [0] ASM:Graph
PolyEnE| lines=68 trace

12:09:00 Win2K-f 190.48.19.214 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:10:00 Win2K-f 221.126.98.165 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:11:00 Win2K-f 194.54.40.111 (KABLONET.COM.TR):
CABLE OPERATOR NETWORK OF TURK TELEKOM,
ANKARA, ANKARA, TR. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:15:00 Win2K-f 190.136.146.195 (NET.AR):
APOLO -GOLD-TELECOM-PER,
AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:16:00 Win2K-f 61.7.221.99 (CDPM1.COM):
CAT TELECOM PUBLIC COMPANY LTD,
TH. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:17:00 Win2K-f 190.25.119.201 (ETB.NET.CO):
ETB - COLOMBIA,
CO. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

12:21:00 Win2K-f 89.105.7.3 (FUNDAMENTALASSET.COM):
LINK CONNECT SERVICES LTD,
UK. n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:22:00 WinXP 98.141.160.84 (-):
. n/a 135 pcap raw alerts
ruleset other
19 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

12:26:00 Win2K-f 87.97.231.18 (GGBIT.NET):
EKK CATV PLOVDIV,
PLOVDIV, PLOVDIV, BG. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
NEW none[3] none:none
MEW| none trace

T:12:28:00 Win2K-f 66.109.29.200 (GALAXYVISIONS.COM):
GALAXYVISIONS INC,
ALBANY, NEW YORK, US. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:31:00 Win2K-f 123.204.32.54 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:36:00 Win2K-f 190.51.95.127 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

12:38:00 Win2K-f 122.121.227.33 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:41:00 Win2K-f 170.51.169.156 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:46:00 Win2K-f 78.8.42.218 (NET.PL):
DIALOG,
WROCLAW, DOLNOSLASKIE, PL. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

T:12:48:00 Win2K-f 200.106.191.141 (SUPERCABLETV.NET.CO):
SUPERCABLE TELECOMUNICACIONES,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. (DSL) n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

T:12:50:00 Win2K-f 78.8.42.218 (NET.PL):
DIALOG,
WROCLAW, DOLNOSLASKIE, PL. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

T:12:51:00 Win2K-f 190.64.14.100 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. (DIAL) n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:54:00 Win2K-f 200.106.191.141 (SUPERCABLETV.NET.CO):
SUPERCABLE TELECOMUNICACIONES,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

T:12:56:00 Win2K-f 79.113.147.94 (RDSNET.RO):
RDS,
BUCHAREST, BUCURESTI, RO. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:122 hits: 11-26 to 12-20] none[3] none:none
Armadillo| none trace

12:58:00 Win2K-f 122.121.205.244 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:01:00 Win2K-f 190.64.14.100 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. (DIAL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:03:00 Win2K-f 122.121.205.244 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:06:00 Win2K-f 87.121.148.158 (NETERRA.NET):
NETERRAIP,
BG. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:122 hits: 11-26 to 12-20] none[3] none:none
Armadillo| none trace

T:13:08:00 Win2K-f 190.51.247.217 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:11:00 Win2K-f 190.51.187.216 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 216ec67841
[Firefox:128 hits: 11-20 to 12-20] none[3] none:none
StarForce| none trace

T:13:13:00 Win2K-f 218.163.165.81 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:18:00 Win2K-f 79.113.147.94 (RDSNET.RO):
RDS,
BUCHAREST, BUCURESTI, RO. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:122 hits: 11-26 to 12-20] none[3] none:none
Armadillo| none trace

T:13:23:00 Win2K-f 189.62.131.150 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

13:26:00 Win2K-f 190.51.247.217 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:28:00 Win2K-f 59.115.233.240 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

13:28:00 Win2K-f 190.67.82.78 (TELECOM.COM.CO):
COLOMBIA TELECOMUNICACIONES S.A. ESP,
CO. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:31:00 Win2K-f 24.68.238.178 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:33:00 Win2K-f 190.132.157.255 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

13:34:00 Win2K-f 190.208.120.24 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:38:00 Win2K-f 201.206.104.133 (ICE.CO.CR):
INSTITUTO COSTARRICENSE DE ELECTRICIDAD Y TELECOM,
CR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:595 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

13:41:00 Win2K-f 96.52.45.111 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:48:00 Win2K-f 189.15.112.166 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
UBERLâNDIA, MINAS GERAIS, BR. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:51:00 Win2K-f 89.179.12.150 (CORBINA.RU):
BROADBAND CUSTOMERS IN ST. PETERSBURG,
RU. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:54:00 Win2K-f 87.59.42.72 (ADSL-DHCP.TELE.DK):
TDC-TELEDANMARK-BREDBAANDSADSL-NET,
DK. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:00:00 Win2K-f 190.105.19.212 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 bd35d4d98f
[Firefox:27 hits: 11-27 to 12-20] none[3] none:none
Armadillo| none trace

14:00:00 Win2K-f 217.20.121.10 (EDV-BUCHVERSAND.DE):
NETDIRECT-NET-DEINPROVIDER,
DE. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:01:00 WinXP 78.130.81.186 (REV.OPTIMUS.PT):
OPTIMUS TELECOMUNICAGUES S.A,
PT. n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 36 of 38 29abb49a9a
NEW bed847a713 [0] ASM:Graph
PolyEnE| lines=68 trace

14:01:00 Win2K-f 94.78.141.113 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:04:00 Win2K-f 93.156.216.230 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:06:00 Win2K-f 94.76.198.131 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:13:00 Win2K-f 190.137.168.32 (NET.AR):
TELECOM ARGENTINA S.A,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

14:18:00 Win2K-f 200.119.57.245 (ETB.NET.CO):
ETB - COLOMBIA,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:21:00 Win2K-f 170.51.157.192 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:14:21:00 Win2K-f 190.50.109.18 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

14:25:00 Win2K-f 124.44.152.23 (WAKWAK.NE.JP):
XEPHION(NTT-ME CORPORATION),
JP. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

14:25:00 Win2K-f 76.87.209.209 (G-M-I.NET):
ROAD RUNNER HOLDCO LLC,
HERNDON, VIRGINIA, US. n/a US:microsoft.com 135 pcap raw alerts
ruleset other
83 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:4110 hits: 06-17 to 12-20]
73f1082158
[Firefox:2043 hits: 06-18 to 12-20] 1473091351 [0]
none [0] ASM:Graph
none:none
tElock|
Armadillo| lines=75
embedded dns
lines=90 trace
trace

T:14:26:00 Win2K-f 59.114.44.97 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:26:00 Win2K-f 59.115.227.211 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:28:00 Win2K-f 210.4.117.63 (-):
COMCLARK,
ROXAS, CAPIZ, PH. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:38:00 Win2K-f 84.57.65.197 (ARCOR-IP.NET):
ARCOR-DSL-NET,
TRIER, RHEINLAND-PFALZ, DE. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

T:14:43:00 Win2K-f 124.44.152.23 (WAKWAK.NE.JP):
XEPHION(NTT-ME CORPORATION),
JP. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

14:43:00 Win2K-f 201.234.138.218 (COM.AR):
IMPSAT ARGENTINA-ADSL,
AR. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

14:46:00 Win2K-f 218.160.214.209 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:48:00 Win2K-f 160.75.5.81 (-):
ISTANBUL TECHNICAL UNIVERSITY,
ISTANBUL, ISTANBUL, TR. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:53:00 Win2K-f 190.152.7.222 (ANDINANET.NET):
ANDINATEL S.A,
EC. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:54:00 Win2K-f 218.70.178.211 (163DATA.COM.CN):
CHINANET CHONGQING PROVINCE NETWORK,
CHONGQING, CHONGQING, CN. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:56:00 Win2K-f 190.50.109.18 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

T:15:03:00 Win2K-f 189.117.142.45 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:04:00 Win2K-f 58.49.88.124 (163DATA.COM.CN):
CHINANET HUBEI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:06:00 Win2K-f 200.112.153.172 (NET.AR):
BROADBANDTECH S. A,
AR. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

T:15:08:00 Win2K-f 58.49.88.124 (163DATA.COM.CN):
CHINANET HUBEI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:08:00 Win2K-f 210.21.30.55 (-):
SHUNDE COMTV (CABLE TV),
GUANGZHOU, GUANGDONG, CN. (100Mbps) n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:13:00 Win2K-f 208.85.35.34 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:16:00 WinXP 85.102.163.56 (TTNET.NET.TR):
TURK TELEKOM ADSL-DYNAMIC,
ANKARA, ANKARA, TR. (DSL) n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 34 of 35 f63e70fa11
[Firefox: 7 hits: 10-22 to 10-28] 4f3f7ff5ac [0] ASM:Graph
PolyEnE| lines=68 trace

T:15:18:00 Win2K-f 82.118.231.41 (0RBITEL.NET):
PROVIDER LOCAL REGISTRY,
BG. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:18:00 WinXP 85.102.163.56 (TTNET.NET.TR):
TURK TELEKOM ADSL-DYNAMIC,
ANKARA, ANKARA, TR. (DSL) n/a UA:citi-bank.ru
EU:kidos-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 35 f63e70fa11
[Firefox: 7 hits: 10-22 to 10-28] 4f3f7ff5ac [0] ASM:Graph
PolyEnE| lines=68 trace

15:18:00 Win2K-f 190.90.44.244 (EQUITEL.COM.CO):
INTERNEXA S.A. E.S.P,
CO. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

T:15:23:00 Win2K-f 118.101.204.53 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

T:15:27:00 Win2K-f 210.21.30.55 (-):
SHUNDE COMTV (CABLE TV),
GUANGZHOU, GUANGDONG, CN. (100Mbps) n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:33:00 Win2K-f 88.46.101.94 (BUSINESS.TELECOMITALIA.IT):
ISTITUTO TECNICO COMMERCIALE S,
IT. (100Mbps) n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:38:00 Win2K-f 89.33.213.194 (BOTOSANI.RO):
SC DIGINET SA,
RO. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:38:00 Win2K-f 88.134.204.35 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:43:00 Win2K-f 218.160.214.209 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:43:00 Win2K-f 190.224.225.169 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

15:46:00 Win2K-f 218.22.106.14 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
ANHUI, ANHUI, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:48:00 Win2K-f 59.114.150.7 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:50:00 Win2K-f 59.121.194.150 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:51:00 Win2K-f 72.15.196.93 (BUILDINGITC.COM):
BUILDING IT,
JACKSONVILLE, FLORIDA, US. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:54:00 Win2K-f 190.128.15.3 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 4f88618d4f
[Firefox:58 hits: 11-29 to 12-20] none[3] none:none
UPX| none trace

T:15:59:00 Win2K-f 59.121.194.150 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:00:00 Win2K-f 122.121.226.42 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:04:00 Win2K-f 190.48.30.23 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:05:00 Win2K-f 190.128.36.29 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 4f88618d4f
[Firefox:58 hits: 11-29 to 12-20] none[3] none:none
UPX| none trace

T:16:09:00 Win2K-f 186.12.15.5 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:11:00 Win2K-f 219.139.142.46 (163DATA.COM.CN):
CHINANET HUBEI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:14:00 Win2K-f 170.51.136.52 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:16:00 Win2K-f 190.3.122.189 (TECHTELNET.NET):
TECHTEL LMDS COMUNICACIONES INTERACTIVAS S.A,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:230 hits: 11-25 to 12-20] none[3] none:none
Armadillo| none trace

16:18:00 Win2K-f 170.51.136.52 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:67.15.94.80:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:19:00 Win2K-f 194.8.75.145 (LIX.LV):
LAST RESORT LOCAL REGISTRY,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:122 hits: 11-26 to 12-20] none[3] none:none
Armadillo| none trace

16:27:00 Win2K-f 72.15.196.93 (BUILDINGITC.COM):
BUILDING IT,
JACKSONVILLE, FLORIDA, US. (100Mbps) n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:28:00 Win2K-f 170.51.137.28 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 11 of 38 41f6a6f759
NEW none[3] none:none
StarForce| none trace

T:16:32:00 Win2K-f 186.12.111.150 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

T:16:33:00 WinXP 24.83.88.46 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
SURREY, BRITISH COLUMBIA, CA. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 986b59708d
[Firefox:115 hits: 05-08 to 12-09] none[0] none:none
PolyEnE| lines=57 trace

16:36:00 Win2K-f 96.52.45.111 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:40:00 Win2K-f 24.79.139.184 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
RICHMOND, BRITISH COLUMBIA, CA. (DSL) n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:40:00 Win2K-f 218.168.6.210 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:595 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

T:16:42:00 Win2K-f 219.91.87.202 (APOL.COM.TW):
ASIA PACIFIC ON-LINE SERVICES INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:47:00 Win2K-f 81.173.251.120 (NETCOLOGNE.DE):
NETCOLOGNE GMBH,
KOELN, NORDRHEIN-WESTFALEN, DE. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

16:48:00 Win2K-f 200.81.205.129 (COM.AR):
ERTACH S.A,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:49:00 Win2K-f 118.169.47.18 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:53:00 Win2K-f 117.55.240.20 (-):
CJ ONLINE PRIVATE LIMITED,
IN. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:54:00 Win2K-f 130.13.63.129 (QWEST.NET):
QWEST BROADBAND SERVICES INC,
DENVER, COLORADO, US. n/a 135 pcap raw alerts
ruleset shell
ftp
16 lines Yeah : 1.3
profile none summary
tarball 33 of 36 15717cd327
[Firefox: 9 hits: 11-05 to 12-01] 5b359cd0eb [0] ASM:Graph
PeCompact| lines=2438
embedded dns trace

T:16:58:00 Win2K-f 190.159.111.88 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:04:00 Win2K-f 219.86.208.110 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:07:00 Win2K-f 200.112.140.204 (NET.AR):
BROADBANDTECH S. A,
MENDOZA, MENDOZA, AR. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

17:07:00 Win2K-f 114.44.237.186 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:09:00 Win2K-f 217.20.121.42 (EDV-BUCHVERSAND.DE):
NETDIRECT-NET-DEINPROVIDER,
DE. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:11:00 Win2K-f 190.51.158.8 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

17:16:00 Win2K-f 89.138.52.183 (NETVISION.NET.IL):
NETVISION,
TEL AVIV, TEL AVIV, IL. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:19:00 Win2K-f 95.28.121.27 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:20:00 Win2K-f 190.24.52.246 (ETB.NET.CO):
ETB - COLOMBIA,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 4f88618d4f
[Firefox:58 hits: 11-29 to 12-20] none[3] none:none
UPX| none trace

T:17:24:00 Win2K-f 24.76.191.98 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
VANCOUVER, BRITISH COLUMBIA, CA. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:26:00 Win2K-f 190.128.79.156 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:595 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

T:17:27:00 Win2K-f 59.104.40.197 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:30:00 Win2K-f 200.112.140.204 (NET.AR):
BROADBANDTECH S. A,
MENDOZA, MENDOZA, AR. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

17:32:00 Win2K-f 186.9.143.88 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:595 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

T:17:35:00 Win2K-f 123.181.145.224 (163DATA.COM.CN):
CHINANET HEBEI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:37:00 Win2K-f 190.128.79.156 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:595 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

17:37:00 Win2K-f 86.5.179.171 (NTLI.NET):
NTLI,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:122 hits: 11-26 to 12-20] none[3] none:none
Armadillo| none trace

T:17:39:00 Win2K-f 89.138.52.183 (NETVISION.NET.IL):
NETVISION,
TEL AVIV, TEL AVIV, IL. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:42:00 Win2K-f 77.39.34.96 (STAVROPOL.RU):
PJSC SOUTHERN TELECOMMUNICATIONS COMPANY,
RU. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:47:00 Win2K-f 123.204.129.60 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:52:00 Win2K-f 216.72.88.91 (GIP.NET):
EQUANT INC,
US. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

T:17:54:00 Win2K-f 86.5.179.171 (NTLI.NET):
NTLI,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:122 hits: 11-26 to 12-20] none[3] none:none
Armadillo| none trace

T:17:58:00 Win2K-f 201.244.99.16 (ETB.NET.CO):
ETB - COLOMBIA,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

18:01:00 Win2K-f 60.177.22.218 (163DATA.COM.CN):
CHINANET-ZJ HANGZHOU NODE NETWORK,
HANGZHOU, ZHEJIANG, CN. n/a 445 pcap raw alerts
ruleset http
1 line Argh : 0.3
profile none summary
tarball none none none none none none none

18:02:00 Win2K-f 190.173.193.76 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

T:18:07:00 Win2K-f 201.244.137.131 (ETB.NET.CO):
ETB - COLOMBIA,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. (DSL) n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:09:00 Win2K-f 198.64.251.24 (VERIO.NET):
NTT AMERICA INC,
HOUSTON, TEXAS, US. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:13:00 Win2K-f 58.101.46.129 (-):
WASU TV & COMMUNICATION HOLDING CO. LTD,
HANGZHOU, ZHEJIANG, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:17:00 Win2K-f 88.31.211.179 (RIMA-TDE.NET):
TELEFONICA MOVILES ESPANA (NCC#2007041930),
ES. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:19:00 Win2K-f 117.44.11.217 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

T:18:22:00 Win2K-f 118.170.211.232 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:25:00 Win2K-f 200.71.210.4 (-):
INCOVA,
SANTIAGO, REGION METROPOLITANA, CL. (100Mbps) n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:122 hits: 11-26 to 12-20] none[3] none:none
Armadillo| none trace

T:18:28:00 Win2K-f 61.59.225.53 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:30:00 Win2K-f 81.84.228.17 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
LISBON, LISBOA, PT. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:33:00 Win2K-f 118.101.204.53 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

T:18:36:00 Win2K-f 59.117.177.22 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 fcb4920986
[Firefox:31 hits: 11-21 to 12-20] none[3] none:none
UPX| none trace

T:18:38:00 Win2K-f 190.105.23.223 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

18:38:00 Win2K-f 61.59.225.53 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:39:00 Win2K-f 186.12.106.138 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

18:43:00 Win2K-f 201.172.100.178 (MULTIMEDIOS.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MX. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

T:18:46:00 Win2K-f 190.105.21.169 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:48:00 Win2K-f 201.254.74.30 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:52:00 Win2K-f 190.12.73.99 (COMSAT.COM.PE):
OPTICAL IP,
LIMA, LIMA, PE. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:52:00 Win2K-f 218.167.72.226 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

18:58:00 Win2K-f 190.128.44.197 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:00:00 Win2K-f 221.124.98.45 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:02:00 Win2K-f 217.110.204.11 (-):
COLT-1100-59452891-BBDBGH,
WALLDORF, BADEN-WURTTEMBERG, DE. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:03:00 Win2K-f 38.99.183.108 (COGENTCO.COM):
PERFORMANCE SYSTEMS INTERNATIONAL INC,
WASHINGTON, DISTRICT OF COLUMBIA, US. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:04:00 Win2K-f 218.173.245.133 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:07:00 Win2K-f 80.93.215.92 (TEKLAN.COM.TR):
NET-EYIGUN,
TR. (100Mbps) n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

19:08:00 Win2K-f 200.42.215.124 (TRICOM.NET):
TRICOM,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

19:13:00 Win2K-f 80.93.215.92 (TEKLAN.COM.TR):
NET-EYIGUN,
TR. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

T:19:15:00 Win2K-f 201.254.74.30 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:23:00 Win2K-f 71.41.253.58 (RR.COM):
ROAD RUNNER HOLDCO LLC,
ORLANDO, FLORIDA, US. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:23:00 Win2K-f 66.90.101.63 (ON-DEMAND-TECH.COM):
FDC SERVERS.NET LLC,
CHICAGO, ILLINOIS, US. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:25:00 Win2K-f 71.41.253.58 (RR.COM):
ROAD RUNNER HOLDCO LLC,
ORLANDO, FLORIDA, US. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:25:00 Win2K-f 186.9.74.6 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

19:25:00 Win2K-f 221.233.55.183 (163DATA.COM.CN):
CHINANET HUBEI PROVINCE NETWORK,
HUBEI, HUBEI, CN. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:28:00 Win2K-f 202.73.209.33 (IWAMI.OR.JP):
IWAMI INTERNET,
JP. n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:30:00 Win2K-f 87.96.205.151 (BLIXTVIK.NET):
BLIXTVIK INTERNET OCH TELEFONI AB,
SE. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:41:00 Win2K-f 190.49.32.101 (COM.AR):
TELEFONICA DE ARGENTINA,
CIPOLLETTI, NEUQUEN, AR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

19:42:00 Win2K-f 123.204.80.90 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
TW:123.204.80.90:8538
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:43:00 Win2K-f 88.10.176.53 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
SANTA CRUZ DE TENERIFE, CANARY ISLANDS, ES. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:45:00 Win2K-f 170.51.229.179 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:47:00 Win2K-f 190.15.194.78 (ITCSA.NET):
INFORMTICA Y TELECOMUNICACIONES S.A,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:51:00 Win2K-f 12.120.15.37 (ATT.NET):
AT&T WORLDNET SERVICES,
MORRISTOWN, NEW JERSEY, US. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:53:00 Win2K-f 125.113.185.163 (163DATA.COM.CN):
CHINANET-ZJ JINHUA NODE NETWORK,
YIHU, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

19:53:00 Win2K-f 69.51.157.115 (EYEENTMDS.COM):
JAS NETWORKS INC,
HASTINGS, MICHIGAN, US. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:01:00 Win2K-f 125.113.185.163 (163DATA.COM.CN):
CHINANET-ZJ JINHUA NODE NETWORK,
YIHU, BEIJING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

20:02:00 Win2K-f 87.97.243.48 (GGBIT.NET):
EKK CATV PLOVDIV,
PLOVDIV, PLOVDIV, BG. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:122 hits: 11-26 to 12-20] none[3] none:none
Armadillo| none trace

T:20:04:00 Win2K-f 122.116.122.134 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 216ec67841
[Firefox:128 hits: 11-20 to 12-20] none[3] none:none
StarForce| none trace

T:20:06:00 Win2K-f 170.51.126.28 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:08:00 Win2K-f 66.90.101.63 (ON-DEMAND-TECH.COM):
FDC SERVERS.NET LLC,
CHICAGO, ILLINOIS, US. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:17:00 Win2K-f 82.250.101.18 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:18:00 Win2K-f 170.51.126.28 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:18:00 Win2K-f 93.90.99.58 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:30:00 Win2K-f 186.9.162.186 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:32:00 Win2K-f 213.98.157.148 (RIMA-TDE.NET):
TELEFONICA DE ESPANA SAU (NCC#2000108569),
BILBAO, PAIS VASCO, ES. n/a 445 pcap raw alerts
ruleset http
1 line Argh : 0.3
profile none summary
tarball none none none none none none none

20:34:00 Win2K-f 96.52.133.87 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:122 hits: 11-26 to 12-20] none[3] none:none
Armadillo| none trace

20:36:00 Win2K-f 114.44.102.94 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

20:36:00 Win2K-f 186.9.162.186 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:36:00 Win2K-f 91.139.197.196 (-):
CABLETEL_CMTS,
BG. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 9 of 38 e1a2e3980d
[Firefox: 4 hits: 12-05 to 12-19] none[3] none:none
UPX| none trace

T:20:41:00 Win2K-f 170.51.134.148 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:46:00 Win2K-f 96.52.133.87 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:122 hits: 11-26 to 12-20] none[3] none:none
Armadillo| none trace

T:20:49:00 Win2K-f 59.51.58.244 (-):
CHINANET HUNAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:52:00 Win2K-f 221.125.136.213 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 3862324588
[Firefox:79 hits: 11-29 to 12-20] none[3] none:none
UPX| none trace

T:20:53:00 Win2K-f 78.38.78.234 (-):
INFORMATION TECHNOLOGY COMPANY (ITC),
IR. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:55:00 Win2K-f 80.59.49.128 (RIMA-TDE.NET):
TELEFONICA DE ESPANA SAU,
VALENCIA, VALENCIA, ES. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:55:00 Win2K-f 190.7.139.40 (-):
EMTELSA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

T:20:59:00 Win2K-f 200.75.227.27 (CABLEONDA.NET):
CABLE ONDA,
PANAMA CITY, PANAMA, PA. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:02:00 Win2K-f 186.9.189.213 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:06:00 Win2K-f 190.7.139.40 (-):
EMTELSA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

21:07:00 Win2K-f 116.75.169.136 (JWS.COM):
HATHWAY IP OVER CABLE INTERNET ACCESS SERVICE,
IN. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:09:00 Win2K-f 190.55.159.184 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

T:21:14:00 Win2K-f 190.208.79.208 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:15:00 Win2K-f 114.47.192.101 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:18:00 Win2K-f 194.8.75.105 (LIX.LV):
LAST RESORT LOCAL REGISTRY,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1246 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

T:21:24:00 Win2K-f 60.53.198.15 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:26:00 Win2K-f 200.75.227.27 (CABLEONDA.NET):
CABLE ONDA,
PANAMA CITY, PANAMA, PA. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:26:00 Win2K-f 186.9.189.213 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:28:00 Win2K-f 190.49.24.152 (COM.AR):
TELEFONICA DE ARGENTINA,
CIPOLLETTI, NEUQUEN, AR. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:21:29:00 Win2K-f 203.70.244.254 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

21:33:00 Win2K-f 218.36.67.89 (KRLINE.NET):
KRLINE-LLINE-WORKSCHOOL,
POHANG, CHEJU-DO, KR. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:38:00 Win2K-f 85.152.121.3 (CM-85-152-106-10.TELECABLE.ES):
TELECABLE,
ES. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:38:00 Win2K-f 59.115.99.32 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:43:00 Win2K-f 221.126.123.76 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:44:00 Win2K-f 94.76.208.49 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:44:00 Win2K-f 72.73.236.6 (VERIZON.NET):
SYSTEM BIZ LLC,
MARLTON, NEW JERSEY, US. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:47:00 Win2K-f 95.28.31.75 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:48:00 Win2K-f 125.232.80.235 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:49:00 Win2K-f 117.65.43.124 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:54:00 Win2K-f 94.76.208.49 (-):
. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:56:00 Win2K-f 59.127.196.238 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:58:00 Win2K-f 72.73.236.6 (VERIZON.NET):
SYSTEM BIZ LLC,
MARLTON, NEW JERSEY, US. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:59:00 Win2K-f 116.23.92.213 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:03:00 Win2K-f 123.53.185.211 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
HENAN, GUIZHOU, CN. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:04:00 Win2K-f 190.141.184.255 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:14:00 Win2K-f 201.172.34.104 (MULTIMEDIOS.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MX. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

22:16:00 Win2K-f 78.106.34.245 (CORBINA.RU):
BROADBAND CUSTOMERS IN MOSCOW,
MOSCOW, MOSKVA, RU. n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:16:00 Win2K-f 190.49.49.25 (COM.AR):
TELEFONICA DE ARGENTINA,
CIPOLLETTI, NEUQUEN, AR. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:19:00 Win2K-f 117.81.70.175 (163DATA.COM.CN):
CHINANET JIANGSU PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:21:00 Win2K-f 221.233.55.183 (163DATA.COM.CN):
CHINANET HUBEI PROVINCE NETWORK,
HUBEI, HUBEI, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
CN:221.233.55.183:3489
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:23:00 Win2K-f 95.28.31.75 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:24:00 Win2K-f 117.65.43.124 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:28:00 Win2K-f 218.70.160.8 (163DATA.COM.CN):
CHINANET CHONGQING PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 139 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:446 hits: 11-21 to 12-20] none[3] none:none
StarForce| none trace

T:22:33:00 Win2K-f 117.63.128.87 (163DATA.COM.CN):
CHINANET JIANGSU PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:34:00 Win2K-f 117.68.10.243 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

T:22:35:00 Win2K-f 118.171.176.137 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:38:00 Win2K-f 170.51.155.3 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:595 hits: 11-22 to 12-20] none[3] none:none
UPX| none trace

T:22:39:00 Win2K-f 67.159.44.100 (JILLYRED.NET):
FDC SERVERS.NET LLC,
CHICAGO, ILLINOIS, US. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:46:00 Win2K-f 123.65.214.173 (JWS.COM):
CHINA TIETONG TELECOMMUNICATIONS CORPORATION,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:48:00 Win2K-f 201.213.215.122 (NET.AR):
PRIMA S.A,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:446 hits: 11-21 to 12-20] none[3] none:none
StarForce| none trace

T:22:50:00 Win2K-f 219.87.225.152 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:53:00 Win2K-f 201.39.79.97 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 9 of 38 3a607f4951
NEW none[3] none:none
UPX| none trace

22:56:00 Win2K-f 213.42.197.220 (-):
MAJAN PRINTING AND PACKAGING,
DUBAI, DUBAI, AE. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:122 hits: 11-26 to 12-20] none[3] none:none
Armadillo| none trace

22:58:00 Win2K-f 116.23.92.213 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 139 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:58:00 Win2K-f 61.12.122.76 (-):
MILLITECH-LAN,
IN. (100Mbps) n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:59:00 Win2K-f 190.90.50.117 (EQUITEL.COM.CO):
INTERNEXA S.A. E.S.P,
CO. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

T:23:00:00 Win2K-f 121.31.35.32 (GXCC.NET):
CNC GROUP GUANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:05:00 Win2K-f 122.5.54.18 (163DATA.COM.CN):
CHINANET SHANDONG PROVINCE NETWORK,
JINAN, SHANDONG, CN. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:06:00 Win2K-f 201.168.60.137 (MARCATEL.NET.MX):
MARCATEL,
MONTERREY, NUEVO LEON, MX. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

23:11:00 Win2K-f 61.217.130.54 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:15:00 Win2K-f 61.217.130.54 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:15:00 Win2K-f 87.101.50.9 (THEWEB.GR):
THESSALONIKI,
THESSALONIKI, THESSALONIKI, GR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:16:00 Win2K-f 220.128.123.206 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:21:00 Win2K-f 80.123.32.62 (TELEKOM.AT):
HIGHWAY CUSTOMERS,
VIENNA, WIEN, AT. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:25:00 Win2K-f 202.72.245.99 (-):
MONGOLIAN RAILWAY COMMERCIAL CENTER - RAILCOM,
ULAANBAATAR, ULAANBAATAR, MN. n/a US:www.maxmind.com
GB:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:26:00 Win2K-f 89.107.228.119 (-):
DGN TEKNOLOJI BILISIM YAYINCILIK SANAYI VE LIMITED SIRKETI,
TR. n/a US:www.maxmind.com
US:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

23:31:00 Win2K-f 123.204.70.107 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:35:00 Win2K-f 61.230.71.85 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:36:00 Win2K-f 77.22.147.147 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:37:00 Win2K-f 200.110.183.182 (COM.AR):
COOPERATIVA RURAL ELECTRICA DE BRAGADO LTDA,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset lanman
http
27 lines Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:514 hits: 11-30 to 12-20] none[3] none:none
StarForce| none trace

T:23:38:00 Win2K-f 125.127.12.42 (163DATA.COM.CN):
CHINANET-ZJ TAIZHOU NODE NETWORK,
CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
GB:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:41:00 Win2K-f 77.42.58.115 (VICENZAWIRELESS.COM):
E4A,
IT. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:230 hits: 11-25 to 12-20] none[3] none:none
Armadillo| none trace

T:23:42:00 Win2K-f 77.42.58.115 (VICENZAWIRELESS.COM):
E4A,
IT. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:230 hits: 11-25 to 12-20] none[3] none:none
Armadillo| none trace

23:49:00 Win2K-f 78.111.244.186 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
GB:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:51:00 Win2K-f 77.92.158.34 (-):
HOSTING INTERNET HIZMETLERI LTD STI,
TR. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:446 hits: 11-21 to 12-20] none[3] none:none
StarForce| none trace

T:23:53:00 Win2K-f 78.111.244.186 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
GB:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:10431 hits: 11-20 to 12-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:54:00 Win2K-f 89.107.228.119 (-):
DGN TEKNOLOJI BILISIM YAYINCILIK SANAYI VE LIMITED SIRKETI,
TR. n/a US:www.maxmind.com
:checkip.dyndns.org
GB:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:855 hits: 11-24 to 12-20] none[3] none:none
UPX| none trace

T:23:59:00 Win2K-f 87.246.31.56 (-):
TRIPLE PLAY CLIENT OF CABLETEL PLC IN SHUMEN,
BG. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
GB:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 9 of 38 e1a2e3980d
[Firefox: 4 hits: 12-05 to 12-19] none[3] none:none
UPX| none trace