Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

09 January 2009
<prev>   <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.


Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]
Time
 		Victim
OS
 		Infection
Source
 		C&C
Server
 		DNS Lookups &
Failed Connects 		Infection
Port
 		Packet
Trace
 		Detection
Signatures
 		Infection
Chatter
 		BotHunter
Analysis
 		Behavioral
Cluster
 		Forensic
Logs
 		Antivirus
Labels
 		Packed Malware_Binary Unpacked egg.exe
 		Unpacked egg.asm
 		Packer PEID
 		Data Strings
 		Syscall Trace
00:05:00 Win2K-f 121.70.212.48 (-):
BEIJING KUANDAITONG TELECOM TECHNOLOGY CO. LTD,
BEIJING, GUANGDONG, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:863 hits: 11-30 to 01-08] 		none[3] none:none
 StarForce| none trace
00:05:00 Win2K-f 124.81.99.173 (CARSURIN.COM):
PT INDOSAT MEGA MEDIA,
ID. (100Mbps) 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:00:06:00 Win2K-f 123.52.118.217 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
HENAN, GUIZHOU, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:64.246.48.99:80
US:75.126.138.202:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
4 lines 		Yeah : 0.8
profile 		none summary
tarball 		8 of 38 4f6b51ea3b
[Firefox:151 hits: 12-19 to 01-08] 		none[3] none:none
 MEW| none trace
T:00:07:00 Win2K-f 218.6.18.2 (163DATA.COM.CN):
CHINANET FUJIAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
CN:218.6.18.2:8058
US:64.246.48.99:80
US:75.126.138.202:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
4 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
T:00:16:00 Win2K-f 186.9.5.214 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
4 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
00:32:00 Win2K-f 190.55.183.32 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
T:00:32:00 Win2K-f 66.18.13.19 (SPEAKEASY.NET):
US. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:00:37:00 Win2K-f 123.49.242.42 (-):
SHANGHAI BENNALONG NETWORK TECHNOLOGY CO. LTD,
SHANGHAI, SHANGHAI, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
00:43:00 Win2K-f 58.45.32.148 (-):
CHINANET HUNAN PROVINCE NETWORK,
CHANGSHA, HUNAN, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
00:44:00 Win2K-f 123.0.208.39 (LSC.NET.TW):
TBCOM-NET,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:00:48:00 Win2K-f 219.91.116.199 (APOL.COM.TW):
ASIA PACIFIC ON-LINE SERVICES INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:00:50:00 Win2K-f 190.55.183.32 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
00:50:00 Win2K-f 118.232.8.70 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
01:05:00 Win2K-f 77.20.240.83 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
T:01:10:00 Win2K-f 78.39.13.66 (-):
INFORMATION TECHNOLOGY COMPANY (ITC),
IR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:01:19:00 Win2K-f 116.11.21.202 (163DATA.COM.CN):
CHINANET GUANGXI PROVINCE NETWORK,
NANNING, GUANGXI, CN. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:01:19:00 Win2K-f 72.37.161.179 (-):
SIRIUS TELECOM,
SANTA BARBARA, CALIFORNIA, US. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:01:20:00 Win2K-f 186.12.70.208 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 38 4f6b51ea3b
[Firefox:151 hits: 12-19 to 01-08] 		none[3] none:none
 MEW| none trace
01:23:00 Win2K-f 122.127.98.33 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
01:28:00 Win2K-f 66.119.122.40 (NET-COMM.CC):
NITNETWORK,
FT. PIERCE, FLORIDA, US. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:01:32:00 Win2K-f 213.32.235.50 (ADM.ESH.DK):
EDUCATIONAL INSTITUTION CONNECTED TO SEKTORNET,
DK. (100Mbps) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
GB:81.144.213.187:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
01:35:00 Win2K-f 203.70.53.215 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:863 hits: 11-30 to 01-08] 		none[3] none:none
 StarForce| none trace
01:45:00 Win2K-f 123.52.118.217 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
HENAN, GUIZHOU, CN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 38 4f6b51ea3b
[Firefox:151 hits: 12-19 to 01-08] 		none[3] none:none
 MEW| none trace
T:01:47:00 Win2K-f 116.59.62.52 (-):
MOBILE BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
01:49:00 Win2K-f 72.37.161.179 (-):
SIRIUS TELECOM,
SANTA BARBARA, CALIFORNIA, US. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
01:53:00 Win2K-f 186.12.70.208 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 38 4f6b51ea3b
[Firefox:151 hits: 12-19 to 01-08] 		none[3] none:none
 MEW| none trace
T:01:57:00 Win2K-f 121.70.195.2 (-):
BEIJING KUANDAITONG TELECOM TECHNOLOGY CO. LTD,
BEIJING, GUANGDONG, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1711 hits: 11-22 to 01-08] 		none[3] none:none
 UPX| none trace
02:00:00 Win2K-f 59.116.129.103 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 223d8089f8
[Firefox:660 hits: 11-21 to 01-08] 		none[3] none:none
 StarForce| none trace
02:04:00 Win2K-f 201.173.185.231 (IFXNW.COM.MX):
NETWORK INFORMATION CENTER MEXICO,
MX. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:863 hits: 11-30 to 01-08] 		none[3] none:none
 StarForce| none trace
T:02:05:00 Win2K-f 122.127.98.33 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
02:05:00 Win2K-f 218.21.124.234 (163DATA.COM.CN):
CHINANET GUANGXI PROVINCE NETWORK,
LIUZHOU, GUANGXI, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
02:14:00 Win2K-f 210.3.177.213 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
02:18:00 Win2K-f 121.70.195.2 (-):
BEIJING KUANDAITONG TELECOM TECHNOLOGY CO. LTD,
BEIJING, GUANGDONG, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1711 hits: 11-22 to 01-08] 		none[3] none:none
 UPX| none trace
02:20:00 Win2K-f 82.3.188.104 (NTL.COM):
NTL INFRASTRUCTURE - CARDIFF,
HARPENDEN, ENGLAND, UK. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:64.246.48.99:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
02:25:00 Win2K-f 123.97.144.236 (HZ.ZJ.CN):
CHINANET ZHEJIANG PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
02:38:00 Win2K-f 59.121.129.212 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
02:38:00 Win2K-f 200.6.194.83 (INTELNET.NET.GT):
TELGUA,
GUATEMALA, GUATEMALA, GT. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:02:40:00 Win2K-f 123.65.248.126 (JWS.COM):
CHINA TIETONG TELECOMMUNICATIONS CORPORATION,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:02:49:00 Win2K-f 121.32.180.124 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
02:53:00 Win2K-f 85.41.243.182 (BUSINESS.TELECOMITALIA.IT):
NERSRL,
IT. (100Mbps) 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:403 hits: 11-26 to 01-08] 		none[3] none:none
 Armadillo| none trace
T:02:53:00 Win2K-f 87.97.217.67 (GGBIT.NET):
EKK CATV PLOVDIV,
PLOVDIV, PLOVDIV, BG. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
BG:87.97.217.67:8037 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:403 hits: 11-26 to 01-08] 		none[3] none:none
 Armadillo| none trace
T:02:55:00 Win2K-f 77.87.120.7 (-):
MASTERKOM-CZESTOCHOWA,
PL. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:02:57:00 Win2K-f 59.116.129.103 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 223d8089f8
[Firefox:660 hits: 11-21 to 01-08] 		none[3] none:none
 StarForce| none trace
02:59:00 Win2K-f 123.65.248.126 (JWS.COM):
CHINA TIETONG TELECOMMUNICATIONS CORPORATION,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
03:03:00 Win2K-f 200.123.118.245 (COM.AR):
TECHTEL LMDS COMUNICACIONES INTERACTIVAS S.A,
MAR DEL PLATA, BUENOS AIRES, AR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
03:13:00 Win2K-f 196.205.195.20 (IASREO.COM):
LINK EGYPT,
CAIRO, AL QAHIRAH, EG. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
03:40:00 Win2K-f 202.83.164.247 (NTC.NET.PK):
NATIONAL TELECOM CORPORATION,
ISLAMABAD, ISLAMABAD, PK. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
3 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:03:43:00 Win2K-f 60.250.196.243 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
4 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:03:43:00 Win2K-f 221.234.7.155 (163DATA.COM.CN):
CHINANET HUBEI PROVINCE NETWORK,
HUBEI, HUBEI, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:03:58:00 Win2K-f 122.120.131.76 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1711 hits: 11-22 to 01-08] 		none[3] none:none
 UPX| none trace
04:04:00 Win2K-f 125.85.82.58 (163DATA.COM.CN):
CHINANET CHONGQING PROVINCE NETWORK,
CHONGQING, CHONGQING, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:04:09:00 Win2K-f 85.41.243.182 (BUSINESS.TELECOMITALIA.IT):
NERSRL,
IT. (100Mbps) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:403 hits: 11-26 to 01-08] 		none[3] none:none
 Armadillo| none trace
04:13:00 Win2K-f 80.68.15.42 (RUNEXT.COM):
PROVIDER LOCAL REGISTRY,
RU. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 917c085aca
[Firefox:380 hits: 11-25 to 01-08] 		none[3] none:none
 Armadillo| none trace
04:19:00 Win2K-f 203.118.232.241 (-):
GRAND TAINAN TECHNOLOGY CO.LTD,
TAINAN, KAO-HSIUNG, TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
04:21:00 Win2K-f 122.120.131.76 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1711 hits: 11-22 to 01-08] 		none[3] none:none
 UPX| none trace
04:34:00 Win2K-f 125.84.223.225 (163DATA.COM.CN):
CHINANET CHONGQING PROVINCE NETWORK,
CHONGQING, CHONGQING, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:04:44:00 Win2K-f 208.53.158.112 (ON-DEMAND-TECH.COM):
FDC SERVERS.NET LLC,
CHICAGO, ILLINOIS, US. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
04:51:00 Win2K-f 66.90.101.247 (ON-DEMAND-TECH.COM):
FDC SERVERS.NET LLC,
CHICAGO, ILLINOIS, US. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:04:52:00 Win2K-f 190.51.52.61 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
04:53:00 Win2K-f 213.98.171.33 (RIMA-TDE.NET):
TELEFONICA DE ESPANA SAU (NCC#2000108569),
REUS, CATALUñA, ES. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 3862324588
[Firefox:138 hits: 11-29 to 01-08] 		none[3] none:none
 UPX| none trace
04:56:00 Win2K-f 190.51.52.61 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:04:58:00 Win2K-f 164.58.106.42 (-):
PONTOTOC AREA VOTECH,
ADA, OKLAHOMA, US. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:05:00:00 Win2K-f 66.90.101.247 (ON-DEMAND-TECH.COM):
FDC SERVERS.NET LLC,
CHICAGO, ILLINOIS, US. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
05:09:00 Win2K-f 60.167.250.200 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:05:20:00 Win2K-f 170.51.59.107 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 38 4f6b51ea3b
[Firefox:151 hits: 12-19 to 01-08] 		none[3] none:none
 MEW| none trace
05:23:00 Win2K-f 74.0.75.6 (COVAD.NET):
COVAD COMMUNICATIONS CO,
BROOKLYN, NEW YORK, US. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:05:32:00 Win2K-f 12.99.130.70 (ATT.NET):
AT&T WORLDNET SERVICES,
EVERETT, WASHINGTON, US. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
05:36:00 Win2K-f 190.241.46.57 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:05:41:00 Win2K-f 123.195.80.32 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
05:43:00 Win2K-f 170.51.59.107 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 38 4f6b51ea3b
[Firefox:151 hits: 12-19 to 01-08] 		none[3] none:none
 MEW| none trace
05:45:00 Win2K-f 12.99.130.70 (ATT.NET):
AT&T WORLDNET SERVICES,
EVERETT, WASHINGTON, US. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:05:52:00 Win2K-f 74.0.75.6 (COVAD.NET):
COVAD COMMUNICATIONS CO,
BROOKLYN, NEW YORK, US. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
05:55:00 Win2K-f 121.96.37.71 (BTI.NET.PH):
BAYAN TELECOMMUNICATION/SKY INTERNET,
QUEZON CITY, MANILA, PH. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:06:02:00 Win2K-f 208.115.111.234 (LENGTHSEARCH.INFO):
WOW TECHNOLOGIES,
SEATTLE, WASHINGTON, US. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
06:04:00 Win2K-f 212.68.42.186 (-):
NETWING,
AT. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 216ec67841
[Firefox:198 hits: 11-20 to 01-08] 		none[3] none:none
 StarForce| none trace
T:06:04:00 Win2K-f 210.24.8.125 (PACIFIC.NET.SG):
PACIFIC INTERNET LIMITED,
SG. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
06:06:00 Win2K-f 201.252.174.68 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
06:09:00 Win2K-f 123.195.56.153 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:06:17:00 Win2K-f 218.36.124.133 (KRLINE.NET):
KRLINE INTERNET SERVICE INC,
SEOUL, KYONGGI-DO, KR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:06:23:00 Win2K-f 186.12.43.132 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
06:27:00 Win2K-f 94.102.5.94 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
US:64.246.48.99:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
5 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:06:28:00 Win2K-f 212.65.27.77 (NC-SYSTEMS.DE):
MANET GMBH,
MANNHEIM, BADEN-WURTTEMBERG, DE. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 37 4f88618d4f
[Firefox:97 hits: 11-29 to 01-08] 		none[3] none:none
 UPX| none trace
T:06:44:00 Win2K-f 173.67.102.200 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
06:53:00 Win2K-f 78.39.13.91 (-):
INFORMATION TECHNOLOGY COMPANY (ITC),
IR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:06:58:00 Win2K-f 151.100.149.39 (IPPOCRATE.UNIROMA1.IT):
UNIVERSITA' DEGLI STUDI DI ROMA LA SAPIENZA,
ROME, LAZIO, IT. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
06:59:00 Win2K-f 222.87.245.192 (AGENT1.GZ.CN):
CHINANET GUIZHOU PROVINCE NETWORK,
GUIZHOU, GUIZHOU, CN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		13 of 38 6a6ca06846
NEW 		none[3] none:none
 UPX| none trace
T:07:05:00 Win2K-f 71.111.127.191 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
WILSONVILLE, OREGON, US. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 223d8089f8
[Firefox:660 hits: 11-21 to 01-08] 		none[3] none:none
 StarForce| none trace
07:10:00 Win2K-f 87.97.205.5 (GGBIT.NET):
EKK CATV PLOVDIV,
PLOVDIV, PLOVDIV, BG. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:403 hits: 11-26 to 01-08] 		none[3] none:none
 Armadillo| none trace
T:07:12:00 Win2K-f 122.123.129.119 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
07:17:00 Win2K-f 122.47.201.82 (-):
POWERCOMM,
KR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:07:21:00 Win2K-f 190.48.35.33 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
07:22:00 Win2K-f 93.90.99.50 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
93.90.99.50:1551 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:07:25:00 Win2K-f 122.127.48.242 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:07:32:00 Win2K-f 122.47.201.82 (-):
POWERCOMM,
KR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
07:35:00 Win2K-f 71.111.127.191 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
WILSONVILLE, OREGON, US. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 223d8089f8
[Firefox:660 hits: 11-21 to 01-08] 		none[3] none:none
 StarForce| none trace
07:39:00 Win2K-f 209.62.113.194 (EV1SERVERS.NET):
EVERYONES INTERNET,
US. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
209.62.113.194:2174
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
07:46:00 Win2K-f 190.138.89.5 (NET.AR):
TELECOM ARGENTINA S.A,
AR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:07:51:00 Win2K-f 218.95.15.168 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 38 4f6b51ea3b
[Firefox:151 hits: 12-19 to 01-08] 		none[3] none:none
 MEW| none trace
T:07:53:00 Win2K-f 84.126.152.229 (ONO.COM):
PROVIDER LOCAL REGISTRY,
ES. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1711 hits: 11-22 to 01-08] 		none[3] none:none
 UPX| none trace
T:07:57:00 Win2K-f 93.124.57.23 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
T:07:59:00 Win2K-f 209.62.113.194 (EV1SERVERS.NET):
EVERYONES INTERNET,
US. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
08:01:00 Win2K-f 186.12.100.167 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:403 hits: 11-26 to 01-08] 		none[3] none:none
 Armadillo| none trace
T:08:06:00 Win2K-f 190.138.89.5 (NET.AR):
TELECOM ARGENTINA S.A,
AR. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
08:14:00 Win2K-f 82.80.230.43 (BEZEQINT.NET):
BEZEQ-INTERNATIONAL,
TEL AVIV, TEL AVIV, IL. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1711 hits: 11-22 to 01-08] 		none[3] none:none
 UPX| none trace
T:08:16:00 Win2K-f 190.24.33.2 (ETB.NET.CO):
ETB - COLOMBIA,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 38 4f6b51ea3b
[Firefox:151 hits: 12-19 to 01-08] 		none[3] none:none
 MEW| none trace
T:08:29:00 Win2K-f 212.62.122.242 (-):
ICCSOLUTIONS,
SA. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
08:31:00 Win2K-f 212.62.122.242 (-):
ICCSOLUTIONS,
SA. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:08:31:00 Win2K-f 125.224.177.185 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
08:34:00 Win2K-f 84.126.152.229 (ONO.COM):
PROVIDER LOCAL REGISTRY,
ES. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1711 hits: 11-22 to 01-08] 		none[3] none:none
 UPX| none trace
T:08:35:00 Win2K-f 82.80.230.43 (BEZEQINT.NET):
BEZEQ-INTERNATIONAL,
TEL AVIV, TEL AVIV, IL. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1711 hits: 11-22 to 01-08] 		none[3] none:none
 UPX| none trace
08:38:00 Win2K-f 122.125.226.154 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:08:48:00 Win2K-f 122.125.226.154 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:08:49:00 Win2K-f 189.97.24.98 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:08:51:00 Win2K-f 201.254.81.83 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
08:57:00 Win2K-f 201.254.81.83 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
08:58:00 Win2K-f 200.3.177.70 (RAVE-TT.NET):
LISA COMMUNICATIONS LTD,
TT. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
09:07:00 Win2K-f 186.9.177.183 (-):
. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
09:17:00 Win2K-f 67.41.128.94 (QWEST.NET):
QWEST COMMUNICATIONS CORPORATION,
DENVER, COLORADO, US. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:09:24:00 Win2K-f 219.81.230.170 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:09:26:00 Win2K-f 190.0.79.218 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:09:27:00 Win2K-f 201.173.28.150 (IFXNW.COM.MX):
NETWORK INFORMATION CENTER MEXICO,
MX. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:863 hits: 11-30 to 01-08] 		none[3] none:none
 StarForce| none trace
09:36:00 Win2K-f 190.0.79.218 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
09:49:00 Win2K-f 81.143.145.209 (BTOPENWORLD.COM):
PROVIDER LOCAL REGISTRY,
UK. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 223d8089f8
[Firefox:660 hits: 11-21 to 01-08] 		none[3] none:none
 StarForce| none trace
T:09:51:00 Win2K-f 87.119.91.2 (PESHTERA.NET):
PASAT ANTENY LTD,
BG. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
09:52:00 Win2K-f 122.125.165.17 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:10:03:00 Win2K-f 196.41.106.249 (SAOL-NET.COM):
AFRINIC,
ZA. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
10:03:00 Win2K-f 87.119.91.2 (PESHTERA.NET):
PASAT ANTENY LTD,
BG. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
10:06:00 Win2K-f 190.157.75.233 (CABLE.NET.CO):
TV CABLE S.A,
CO. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:10:15:00 Win2K-f 114.47.15.173 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:10:24:00 Win2K-f 59.104.51.143 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:10:26:00 Win2K-f 81.143.145.209 (BTOPENWORLD.COM):
PROVIDER LOCAL REGISTRY,
UK. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 223d8089f8
[Firefox:660 hits: 11-21 to 01-08] 		none[3] none:none
 StarForce| none trace
T:10:33:00 Win2K-f 122.125.165.17 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
10:39:00 Win2K-f 218.170.223.78 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
10:42:00 Win2K-f 114.40.171.103 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:10:44:00 Win2K-f 84.126.152.229 (ONO.COM):
PROVIDER LOCAL REGISTRY,
ES. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1711 hits: 11-22 to 01-08] 		none[3] none:none
 UPX| none trace
10:47:00 Win2K-f 79.98.132.12 (G-M-I.NET):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 409ef22885
[Firefox:798 hits: 11-22 to 01-08] 		none[3] none:none
 UPX| none trace
T:10:50:00 Win2K-f 61.59.151.212 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:10:52:00 Win2K-f 69.3.61.146 (COVAD.NET):
COVAD COMMUNICATIONS CO,
LOS ANGELES, CALIFORNIA, US. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:69.3.61.146:7145
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:10:53:00 Win2K-f 190.27.63.211 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
10:55:00 Win2K-f 59.104.51.143 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
10:56:00 Win2K-f 70.46.103.79 (FDN.COM):
FDN.COM,
MAITLAND, FLORIDA, US. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
11:10:00 Win2K-f 118.232.47.75 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
11:11:00 Win2K-f 115.82.147.246 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:11:17:00 Win2K-f 190.208.85.19 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:11:19:00 Win2K-f 59.125.193.140 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1711 hits: 11-22 to 01-08] 		none[3] none:none
 UPX| none trace
11:22:00 Win2K-f 217.59.166.34 (BUSINESS.TELECOMITALIA.IT):
COMUNE DI COLOBRARO,
IT. (100Mbps) 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
11:34:00 Win2K-f 122.118.232.49 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
11:38:00 Win2K-f 190.27.63.211 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
11:39:00 Win2K-f 78.88.248.188 (-):
VECTRA TECHNOLOGIE S.A,
PL. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:11:51:00 Win2K-f 201.234.162.108 (COM.AR):
COOPERATIVA VILLA DEL ROSARIO (COOVILROS),
ROSARIO, SANTA FE, AR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
11:59:00 Win2K-f 190.141.66.160 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:12:01:00 Win2K-f 79.144.206.39 (RIMA-TDE.NET):
TELEFONICA,
MADRID, MADRID, ES. 		n/a   445 pcap raw alerts
ruleset 		http
2 lines 		Argh : 0.3
profile 		none summary
tarball 		none none none none none none none
12:04:00 Win2K-f 203.70.85.162 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
12:11:00 Win2K-f 61.59.151.212 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
12:20:00 Win2K-f 202.55.81.18 (VQBN.COM):
VIEWQWEST PTE LTD INTERNET SERVICE PROVIDER SINGAPORE,
SINGAPORE, SINGAPORE, SG. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
12:21:00 Win2K-f 203.66.138.9 (AMTC.COM.TW):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 917c085aca
[Firefox:380 hits: 11-25 to 01-08] 		none[3] none:none
 Armadillo| none trace
T:12:22:00 Win2K-f 217.59.166.34 (BUSINESS.TELECOMITALIA.IT):
COMUNE DI COLOBRARO,
IT. (100Mbps) 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
IT:217.59.166.34:5337
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:12:25:00 Win2K-f 190.51.191.121 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
T:12:33:00 Win2K-f 217.17.178.47 (LBT.RU):
YAMALTELECOM ISP,
RU. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:12:37:00 Win2K-f 81.91.18.10 (-):
NUKS BILGI TEKNOLOJILERI SAN. VE TIC. LTD. STI,
TR. (100Mbps) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:12:46:00 Win2K-f 122.118.232.49 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:12:49:00 Win2K-f 71.41.198.12 (RR.COM):
ROAD RUNNER HOLDCO LLC,
HOUSTON, TEXAS, US. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:12:52:00 Win2K-f 87.60.43.112 (BROADBAND.TELE.DK):
TDC-TELEDANMARK-BREDBAANDSADSL-NET,
COPENHAGEN, COPENHAGEN, DK. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1711 hits: 11-22 to 01-08] 		none[3] none:none
 UPX| none trace
T:13:04:00 Win2K-f 194.44.193.86 (EPL.ORG.UA):
UARNET-LL,
LVIV, L'VIVS'KA OBLAST', UA. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 917c085aca
[Firefox:380 hits: 11-25 to 01-08] 		none[3] none:none
 Armadillo| none trace
T:13:05:00 Win2K-f 202.55.81.18 (VQBN.COM):
VIEWQWEST PTE LTD INTERNET SERVICE PROVIDER SINGAPORE,
SINGAPORE, SINGAPORE, SG. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
13:05:00 Win2K-f 78.39.204.114 (-):
INFORMATION TECHNOLOGY COMPANY (ITC),
IR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 223d8089f8
[Firefox:660 hits: 11-21 to 01-08] 		none[3] none:none
 StarForce| none trace
13:07:00 Win2K-f 87.60.43.112 (BROADBAND.TELE.DK):
TDC-TELEDANMARK-BREDBAANDSADSL-NET,
COPENHAGEN, COPENHAGEN, DK. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1711 hits: 11-22 to 01-08] 		none[3] none:none
 UPX| none trace
T:13:18:00 Win2K-f 78.88.248.188 (-):
VECTRA TECHNOLOGIE S.A,
PL. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:13:22:00 Win2K-f 190.220.49.120 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
13:28:00 Win2K-f 201.213.214.3 (NET.AR):
PRIMA S.A,
AR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
13:28:00 Win2K-f 190.165.44.224 (-):
EMTELSA S.A. E.S.P,
CO. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:13:29:00 Win2K-f 186.9.12.45 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:403 hits: 11-26 to 01-08] 		none[3] none:none
 Armadillo| none trace
T:13:31:00 Win2K-f 201.213.214.3 (NET.AR):
PRIMA S.A,
AR. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
13:39:00 Win2K-f 201.234.162.108 (COM.AR):
COOPERATIVA VILLA DEL ROSARIO (COOVILROS),
ROSARIO, SANTA FE, AR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:13:52:00 Win2K-f 221.125.49.107 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:13:58:00 Win2K-f 62.201.72.136 (T-ONLINE.HU):
T-ONLINE CATV CLIENTS (DYNAMIC ADDRESS POOL),
BUDAPEST, BUDAPEST, HU. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
13:59:00 Win2K-f 192.107.104.52 (UNANLEON.EDU.NI):
UNIVERSIDAD NACIONAL DE INGENIERIA,
MANAGUA, MANAGUA, NI. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
14:04:00 Win2K-f 124.8.55.112 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
14:06:00 Win2K-f 190.128.72.92 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 409ef22885
[Firefox:798 hits: 11-22 to 01-08] 		none[3] none:none
 UPX| none trace
14:17:00 Win2K-f 212.95.46.125 (-):
DEUTSCHES INTERNET-ZENTRUM AG,
DE. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
DE:212.95.46.125:9461
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:14:19:00 Win2K-f 200.119.96.8 (ETB.NET.CO):
ETB - COLOMBIA,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. (DSL) 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
T:14:20:00 Win2K-f 206.105.109.9 (ENGAGETECH.NET):
FORELINE SECURITY,
NEW YORK, NEW YORK, US. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:14:24:00 Win2K-f 190.51.23.122 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
14:33:00 Win2K-f 81.12.50.23 (-):
FARHANG AZMA COMMUNICATIONS,
TEHRAN, TEHRAN, IR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 38 4f6b51ea3b
[Firefox:151 hits: 12-19 to 01-08] 		none[3] none:none
 MEW| none trace
T:14:35:00 Win2K-f 203.66.138.9 (AMTC.COM.TW):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 917c085aca
[Firefox:380 hits: 11-25 to 01-08] 		none[3] none:none
 Armadillo| none trace
14:44:00 Win2K-f 190.51.191.121 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
T:14:46:00 Win2K-f 38.103.173.232 (COGENTCO.COM):
PERFORMANCE SYSTEMS INTERNATIONAL INC,
WASHINGTON, DISTRICT OF COLUMBIA, US. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
14:47:00 Win2K-f 200.114.31.137 (INTERCABLE.NET.CO):
TV CABLE PROMISION S.A,
BUCARAMANGA, SANTANDER, CO. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
14:49:00 Win2K-f 190.140.170.195 (CABLEONDA.NET):
CABLE ONDA,
PA. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:14:55:00 Win2K-f 81.12.50.23 (-):
FARHANG AZMA COMMUNICATIONS,
TEHRAN, TEHRAN, IR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 38 4f6b51ea3b
[Firefox:151 hits: 12-19 to 01-08] 		none[3] none:none
 MEW| none trace
T:14:56:00 Win2K-f 212.95.46.125 (-):
DEUTSCHES INTERNET-ZENTRUM AG,
DE. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:14:58:00 Win2K-f 200.114.31.137 (INTERCABLE.NET.CO):
TV CABLE PROMISION S.A,
BUCARAMANGA, SANTANDER, CO. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:15:01:00 Win2K-f 190.140.170.195 (CABLEONDA.NET):
CABLE ONDA,
PA. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
15:02:00 Win2K-f 186.0.15.165 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
15:07:00 Win2K-f 87.60.70.171 (IP.TELE.DK):
TDC-TELEDANMARK-BREDBAANDSADSL-NET,
DK. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:15:11:00 Win2K-f 219.64.193.224 (VSNL.NET.IN):
VIDESH SANCHAR NIGAM LTD - INDIA,
IN. (DIAL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:863 hits: 11-30 to 01-08] 		none[3] none:none
 StarForce| none trace
15:11:00 Win2K-f 200.119.96.8 (ETB.NET.CO):
ETB - COLOMBIA,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
15:13:00 Win2K-f 38.103.173.232 (COGENTCO.COM):
PERFORMANCE SYSTEMS INTERNATIONAL INC,
WASHINGTON, DISTRICT OF COLUMBIA, US. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
15:14:00 Win2K-f 96.10.85.71 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
96.10.85.71:7840 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:15:20:00 Win2K-f 190.220.120.93 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1711 hits: 11-22 to 01-08] 		none[3] none:none
 UPX| none trace
15:29:00 Win2K-f 170.51.75.92 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:15:31:00 Win2K-f 200.25.203.18 (PORTA.NET):
CONECEL,
EC. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:15:32:00 Win2K-f 87.60.70.171 (IP.TELE.DK):
TDC-TELEDANMARK-BREDBAANDSADSL-NET,
DK. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
15:33:00 Win2K-f 123.195.195.238 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
15:43:00 Win2K-f 190.128.23.73 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
15:48:00 Win2K-f 212.18.79.67 (EYE-TREK.COM):
PELIKAN & PARTNER,
DE. (DIAL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:15:49:00 Win2K-f 59.114.36.187 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:15:54:00 Win2K-f 124.8.163.178 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:01:00 Win2K-f 170.51.75.92 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
16:01:00 Win2K-f 79.99.134.126 (G-M-I.NET):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
16:03:00 Win2K-f 24.86.180.3 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
LANGLEY, BRITISH COLUMBIA, CA. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
16:06:00 Win2K-f 200.88.26.154 (CODETEL.NET.DO):
VERIZON DOMINICANA,
SANTO DOMINGO, DISTRITO NACIONAL, DO. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:06:00 Win2K-f 77.29.2.142 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:07:00 Win2K-f 80.93.215.100 (TEKLAN.COM.TR):
NET-EYIGUN,
TR. (100Mbps) 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:12:00 Win2K-f 78.39.204.114 (-):
INFORMATION TECHNOLOGY COMPANY (ITC),
IR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 223d8089f8
[Firefox:660 hits: 11-21 to 01-08] 		none[3] none:none
 StarForce| none trace
16:18:00 Win2K-f 77.29.2.142 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:22:00 Win2K-f 212.6.57.23 (DPI.NET.IR):
ARCHWAY,
IT. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:863 hits: 11-30 to 01-08] 		none[3] none:none
 StarForce| none trace
16:22:00 Win2K-f 210.17.228.100 (PACIFIC.NET.HK):
TMH_FM,
HONG KONG, HONG KONG (SAR), HK. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:27:00 Win2K-f 124.83.6.214 (PLDT.NET):
IPG,
PH. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
16:32:00 Win2K-f 59.114.36.187 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:32:00 Win2K-f 79.99.134.126 (G-M-I.NET):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
16:32:00 Win2K-f 87.97.228.233 (GGBIT.NET):
EKK CATV PLOVDIV,
PLOVDIV, PLOVDIV, BG. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:403 hits: 11-26 to 01-08] 		none[3] none:none
 Armadillo| none trace
16:36:00 Win2K-f 219.64.193.224 (VSNL.NET.IN):
VIDESH SANCHAR NIGAM LTD - INDIA,
IN. (DIAL) 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:863 hits: 11-30 to 01-08] 		none[3] none:none
 StarForce| none trace
16:36:00 Win2K-f 62.201.72.136 (T-ONLINE.HU):
T-ONLINE CATV CLIENTS (DYNAMIC ADDRESS POOL),
BUDAPEST, BUDAPEST, HU. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:37:00 Win2K-f 186.9.154.139 (-):
. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
16:43:00 Win2K-f 170.51.101.141 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:47:00 Win2K-f 88.14.101.175 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
MADRID, MADRID, ES. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:48:00 WinXP 24.109.203.94 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. 		n/a RU:citi-bank.ru
RU:89.208.35.28:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		36 of 38 29abb49a9a
NEW 		bed847a713 [0] ASM:Graph
 PolyEnE| lines=68 trace
T:16:55:00 Win2K-f 77.23.72.96 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
16:55:00 Win2K-f 89.19.27.42 (CIZGIBILGISAYAR.COM):
CIZGI BILGISAYAR SISTEMLERI SAN. TIC. LTD. STI,
TR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
17:09:00 Win2K-f 88.14.101.175 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
MADRID, MADRID, ES. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:17:12:00 Win2K-f 82.28.58.175 (NTL.COM):
NTL INFRASTRUCTURE - ACTON,
STOKE ON TRENT, ENGLAND, UK. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:863 hits: 11-30 to 01-08] 		none[3] none:none
 StarForce| none trace
T:17:13:00 Win2K-f 119.0.165.232 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:403 hits: 11-26 to 01-08] 		none[3] none:none
 Armadillo| none trace
17:19:00 Win2K-f 200.25.203.18 (PORTA.NET):
CONECEL,
EC. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
EC:200.25.203.18:5662
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:17:23:00 Win2K-f 24.86.180.3 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
LANGLEY, BRITISH COLUMBIA, CA. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
CA:24.86.180.3:8824
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:17:29:00 Win2K-f 83.97.249.9 (CM-83-97-244-10.TELECABLE.ES):
TELECABLE,
ES. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 bd35d4d98f
[Firefox:54 hits: 11-27 to 01-06] 		none[3] none:none
 Armadillo| none trace
T:17:33:00 Win2K-f 201.82.236.129 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 3862324588
[Firefox:138 hits: 11-29 to 01-08] 		none[3] none:none
 UPX| none trace
17:34:00 Win2K-f 114.47.32.203 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 917c085aca
[Firefox:380 hits: 11-25 to 01-08] 		none[3] none:none
 Armadillo| none trace
T:17:37:00 Win2K-f 121.254.91.5 (TCOL.COM.TW):
MONAD DIGITNAMIC CORP,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
17:40:00 Win2K-f 190.0.75.62 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
17:43:00 Win2K-f 119.0.165.232 (-):
. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:403 hits: 11-26 to 01-08] 		none[3] none:none
 Armadillo| none trace
T:17:52:00 Win2K-f 200.61.4.33 (NET.AR):
COMNET S.A,
LIMA, LIMA, PE. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 38 4f6b51ea3b
[Firefox:151 hits: 12-19 to 01-08] 		none[3] none:none
 MEW| none trace
17:53:00 Win2K-f 124.83.6.214 (PLDT.NET):
IPG,
PH. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:17:54:00 Win2K-f 24.83.78.17 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
SURREY, BRITISH COLUMBIA, CA. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
17:58:00 Win2K-f 200.49.168.19 (AMIGO.NET.GT):
COMCEL GUATEMALA S.A,
GUATEMALA, GUATEMALA, GT. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 38 4f6b51ea3b
[Firefox:151 hits: 12-19 to 01-08] 		none[3] none:none
 MEW| none trace
17:59:00 Win2K-f 121.254.91.5 (TCOL.COM.TW):
MONAD DIGITNAMIC CORP,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
18:00:00 Win2K-f 190.30.155.234 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:10:00 Win2K-f 210.17.228.100 (PACIFIC.NET.HK):
TMH_FM,
HONG KONG, HONG KONG (SAR), HK. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
18:12:00 Win2K-f 190.128.15.145 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
CO:190.128.15.145:9970
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:19:00 Win2K-f 58.45.56.138 (-):
CHINANET HUNAN PROVINCE NETWORK,
CHANGSHA, HUNAN, CN. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
18:20:00 Win2K-f 24.83.78.17 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
SURREY, BRITISH COLUMBIA, CA. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
18:29:00 Win2K-f 59.117.125.69 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:33:00 Win2K-f 114.47.33.200 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:36:00 Win2K-f 190.0.75.62 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
18:37:00 Win2K-f 198.69.213.176 (SPRINTLINK.NET):
SPRINT,
WAYNETOWN, INDIANA, US. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:37:00 Win2K-f 211.74.204.241 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
18:40:00 Win2K-f 190.128.15.71 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
18:48:00 WinXP 85.197.158.67 (BIKAB.COM):
BREDBAND I KRISTIANSTAD AB - ABK CUSTOMERS,
KRISTIANSTAD, SKANE, SE. 		61.235.117.80:65520 CN:proxim.ircgalaxy.pl
RU:citi-bank.ru
CN:horobl.cn
RU:89.208.35.28:80 		445 pcap raw alerts
ruleset 		http
irc
10 lines 		Yeah : 1.3
profile 		none summary
tarball 		34 of 36 9bb68450cd
[Firefox:25 hits: 10-26 to 01-03] 		c2d5ac2315 [0] ASM:Graph
 PolyEnE| lines=73
embedded dns 		trace
18:53:00 Win2K-f 58.45.56.138 (-):
CHINANET HUNAN PROVINCE NETWORK,
CHANGSHA, HUNAN, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		14 of 38 4dd32a7ad0
NEW 		none[3] none:none
 UPX| none trace
T:18:53:00 Win2K-f 115.80.234.232 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 fcb4920986
[Firefox:58 hits: 11-21 to 01-07] 		none[3] none:none
 UPX| none trace
T:18:55:00 Win2K-f 58.45.105.136 (-):
CHINANET HUNAN PROVINCE NETWORK,
CHANGSHA, HUNAN, CN. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
18:59:00 Win2K-f 114.47.33.200 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
19:03:00 Win2K-f 211.74.204.241 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:19:05:00 Win2K-f 59.113.156.169 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:19:10:00 Win2K-f 81.9.129.227 (CM-81-9-134-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:19:12:00 Win2K-f 170.51.101.141 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
19:17:00 Win2K-f 222.217.94.152 (163DATA.COM.CN):
CHINANET GUANGXI PROVINCE NETWORK,
NANNING, GUANGXI, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
19:18:00 Win2K-f 81.9.129.227 (CM-81-9-134-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:19:25:00 Win2K-f 118.170.205.164 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:19:25:00 Win2K-f 200.82.122.30 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:19:30:00 Win2K-f 77.92.130.208 (-):
HOSTING INTERNET HIZMETLERI LTD STI,
TR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
EU:77.92.130.208:3470 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:403 hits: 11-26 to 01-08] 		none[3] none:none
 Armadillo| none trace
19:36:00 Win2K-f 114.44.148.1 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:19:36:00 Win2K-f 190.141.181.164 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
T:19:41:00 Win2K-f 114.44.148.1 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:19:52:00 Win2K-f 66.90.73.92 (GRAYVEE.COM):
FDC SERVERS.NET LLC,
CHICAGO, ILLINOIS, US. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
19:52:00 Win2K-f 201.28.18.82 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
19:54:00 Win2K-f 122.121.157.109 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:19:59:00 Win2K-f 201.254.79.157 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
20:03:00 Win2K-f 190.141.181.164 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
20:13:00 Win2K-f 123.97.239.98 (HZ.ZJ.CN):
CHINANET ZHEJIANG PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:20:20:00 Win2K-f 123.97.239.98 (HZ.ZJ.CN):
CHINANET ZHEJIANG PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
20:21:00 Win2K-f 89.19.14.66 (CIZGIBILGISAYAR.COM):
CIZGI BILGISAYAR SISTEMLERI SAN. TIC. LTD. STI,
TR. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
20:25:00 Win2K-f 58.45.105.136 (-):
CHINANET HUNAN PROVINCE NETWORK,
CHANGSHA, HUNAN, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:20:29:00 Win2K-f 194.57.212.121 (-):
CNAM-MONTPELLIER - CENTRE NATIONAL DES ARTS ET METIERS,
MONTPELLIER, LANGUEDOC-ROUSSILLON, FR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
20:39:00 Win2K-f 124.83.6.214 (PLDT.NET):
IPG,
PH. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:20:40:00 Win2K-f 122.120.215.151 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
20:40:00 Win2K-f 218.40.122.103 (CATVNET.NE.JP):
CATV NETWORK SERVICES(STNET INCORPORATED),
HIMEJI, HYOGO, JP. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 409ef22885
[Firefox:798 hits: 11-22 to 01-08] 		none[3] none:none
 UPX| none trace
20:52:00 Win2K-f 59.115.148.62 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:20:52:00 Win2K-f 203.67.195.90 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
20:53:00 Win2K-f 186.9.162.107 (-):
. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
T:20:54:00 Win2K-f 210.17.228.100 (PACIFIC.NET.HK):
TMH_FM,
HONG KONG, HONG KONG (SAR), HK. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
20:56:00 Win2K-f 200.106.211.79 (SUPERCABLETV.NET.CO):
SUPERCABLE TELECOMUNICACIONES,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 38 4f6b51ea3b
[Firefox:151 hits: 12-19 to 01-08] 		none[3] none:none
 MEW| none trace
21:04:00 Win2K-f 122.124.205.122 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:21:11:00 Win2K-f 70.46.119.58 (FDN.COM):
FDN.COM,
MAITLAND, FLORIDA, US. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
21:11:00 Win2K-f 116.111.160.110 (USER7-175.ENET.VN):
ELECTRIC TELECOMMUNICATION COMPANY,
VN. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
21:15:00 Win2K-f 59.113.156.169 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:21:19:00 Win2K-f 186.9.68.227 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
21:24:00 Win2K-f 210.3.156.202 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
21:26:00 Win2K-f 118.232.16.189 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:21:26:00 Win2K-f 190.48.110.34 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:403 hits: 11-26 to 01-08] 		none[3] none:none
 Armadillo| none trace
T:21:30:00 Win2K-f 210.3.156.202 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:21:32:00 Win2K-f 89.19.14.66 (CIZGIBILGISAYAR.COM):
CIZGI BILGISAYAR SISTEMLERI SAN. TIC. LTD. STI,
TR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:21:33:00 Win2K-f 118.232.16.189 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
21:35:00 Win2K-f 173.45.69.74 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:21:44:00 Win2K-f 61.56.170.117 (UBBN.NET):
UNION CABLE TV CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
21:45:00 Win2K-f 59.105.88.63 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:21:49:00 Win2K-f 79.110.116.219 (G-M-I.NET):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:403 hits: 11-26 to 01-08] 		none[3] none:none
 Armadillo| none trace
21:50:00 Win2K-f 201.252.163.193 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:863 hits: 11-30 to 01-08] 		none[3] none:none
 StarForce| none trace
T:21:50:00 Win2K-f 81.9.129.227 (CM-81-9-134-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
ES:81.9.129.227:5848 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
21:53:00 Win2K-f 200.250.129.2 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:22:04:00 Win2K-f 200.50.169.222 (NET.AR):
INTERLINK S.R.L,
AR. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1442 hits: 11-24 to 01-08] 		none[3] none:none
 UPX| none trace
22:06:00 Win2K-f 202.52.74.126 (TTL.COM.SG):
NETPLUS COMMUNICATIONS PTE LTD,
SINGAPORE, SINGAPORE, SG. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:403 hits: 11-26 to 01-08] 		none[3] none:none
 Armadillo| none trace
22:07:00 Win2K-f 208.69.230.74 (CLUBSHOP.COM):
NETRIPLEX LLC,
BOSTON, MASSACHUSETTS, US. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:208.69.230.74:7943
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:22:07:00 Win2K-f 203.115.197.136 (-):
UNIFORCE SYSTEM LTD,
PUCHONG, SELANGOR, MY. (100Mbps) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:863 hits: 11-30 to 01-08] 		none[3] none:none
 StarForce| none trace
22:07:00 Win2K-f 190.208.95.74 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:22:09:00 Win2K-f 220.173.33.151 (163DATA.COM.CN):
CHINANET GUANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
22:18:00 Win2K-f 81.214.140.245 (TTNET.NET.TR):
ADSL-MET-ULUS-STATIC POOL,
ANKARA, ANKARA, TR. (DSL) 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Argh : 0.3
profile 		none summary
tarball 		none none none none none none none
T:22:24:00 Win2K-f 69.15.231.234 (BANKERSX.COM):
CBEYOND COMMUNICATIONS LLC,
ATLANTA, GEORGIA, US. (100Mbps) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:22:31:00 Win2K-f 59.54.13.25 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
22:35:00 Win2K-f 66.93.119.20 (SPEAKEASY.NET):
BLT BRIDGED CIRCUITS,
WASHINGTON, DISTRICT OF COLUMBIA, US. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
22:37:00 Win2K-f 77.34.87.1 (SAKHALIN.RU):
OPEN JOINT STOCK COMPANY FAR EAST TELECOMMUNICATIONS COMPANY,
RU. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:22:41:00 Win2K-f 72.29.94.43 (DIMENOC.COM):
HOSTDIME.COM INC,
US. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:22:50:00 Win2K-f 216.244.205.245 (COM.AR):
SINECTIS S.A,
BUENOS AIRES, BUENOS AIRES, AR. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:22:50:00 Win2K-f 123.204.149.86 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
22:50:00 Win2K-f 115.83.0.104 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
22:55:00 Win2K-f 59.54.13.25 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:23:02:00 Win2K-f 208.69.230.74 (CLUBSHOP.COM):
NETRIPLEX LLC,
BOSTON, MASSACHUSETTS, US. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:03:00 Win2K-f 66.88.141.2 (XO.NET):
XO COMMUNICATIONS,
SALT LAKE CITY, UTAH, US. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:04:00 Win2K-f 77.79.103.100 (GRID.COM.TR):
GRID BILISIM TEKNOLOJILERI A.S,
ISTANBUL, ISTANBUL, TR. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:23:08:00 Win2K-f 186.12.60.81 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 3862324588
[Firefox:138 hits: 11-29 to 01-08] 		none[3] none:none
 UPX| none trace
T:23:10:00 Win2K-f 114.40.198.136 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 3862324588
[Firefox:138 hits: 11-29 to 01-08] 		none[3] none:none
 UPX| none trace
T:23:15:00 Win2K-f 124.13.28.108 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
MY. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:15:00 Win2K-f 59.115.4.2 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:20:00 Win2K-f 122.120.215.151 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:23:21:00 Win2K-f 92.125.114.146 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:23:26:00 Win2K-f 58.88.86.154 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:26:00 Win2K-f 59.104.54.80 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
23:27:00 Win2K-f 186.12.60.81 (-):
. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 3862324588
[Firefox:138 hits: 11-29 to 01-08] 		none[3] none:none
 UPX| none trace
23:29:00 Win2K-f 190.50.214.248 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:23:31:00 Win2K-f 69.13.195.20 (PROPAGATION.NET):
C I HOST,
US. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:45:00 Win2K-f 87.119.91.246 (PESHTERA.NET):
PASAT ANTENY LTD,
BG. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:403 hits: 11-26 to 01-08] 		none[3] none:none
 Armadillo| none trace
T:23:46:00 Win2K-f 59.115.4.2 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:23:46:00 Win2K-f 60.178.150.107 (163DATA.COM.CN):
CHINANET-ZJ NINGBO NODE NETWORK,
JINAN, SHANDONG, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:23:57:00 Win2K-f 66.88.141.2 (XO.NET):
XO COMMUNICATIONS,
SALT LAKE CITY, UTAH, US. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:16050 hits: 11-20 to 01-08] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace