Multiperspective Malware Analysis Page

Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

11 January 2009
<prev> <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]

Time
Victim
OS
Infection
Source
C&C
Server
DNS Lookups &
Failed Connects Infection
Port
Packet
Trace
Detection
Signatures
Infection
Chatter
BotHunter
Analysis
Behavioral
Cluster
Forensic
Logs
Antivirus
Labels
Packed Malware_Binary Unpacked egg.exe
Unpacked egg.asm
Packer PEID
Data Strings
Syscall Trace

T:00:06:00 WinXP 70.67.69.163 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. (DSL) n/a RU:citi-bank.ru
RU:89.208.35.28:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:1035 hits: 05-01 to 12-30] none[0] none:none
PolyEnE| lines=68 trace

T:00:11:00 Win2K-f 59.124.71.5 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1502 hits: 11-24 to 01-10] none[3] none:none
UPX| none trace

00:17:00 Win2K-f 212.19.142.106 (ADSL.ONLINE.KZ):
KAZAKHTELECOM DATA NETWORK ADMINISTRATION,
KZ. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:19:00 Win2K-f 119.72.62.38 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1502 hits: 11-24 to 01-10] none[3] none:none
UPX| none trace

T:00:42:00 Win2K-f 62.63.15.53 (BBFT.NET):
BREDBANDSFYLKET TROMS AS,
NO. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:43:00 Win2K-f 24.68.132.243 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
VANCOUVER, BRITISH COLUMBIA, CA. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:44:00 Win2K-f 81.7.81.85 (ZEBRA.LT):
LIETUVOS-TELEKOMAS,
VILNIUS, VILNIAUS APSKRITIS, LT. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:50:00 Win2K-f 222.59.165.214 (HERBALQC.COM):
CHINA RAILWAY TELECOMMUNICATIONS CENTER,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:56:00 Win2K-f 219.81.149.254 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:00:00 Win2K-f 117.99.47.41 (XLRI.AC.IN):
BHARTI AIRTEL LTD,
DELHI, DELHI, IN. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:15:00 Win2K-f 170.51.208.34 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:16:00 Win2K-f 119.19.8.5 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 139 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:18:00 Win2K-f 217.20.121.53 (EDV-BUCHVERSAND.DE):
NETDIRECT-NET-DEINPROVIDER,
DE. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:23:00 Win2K-f 170.51.208.34 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:36:00 Win2K-f 200.71.97.200 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:42:00 Win2K-f 74.63.216.234 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:49:00 Win2K-f 59.104.88.18 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:50:00 WinXP 95.69.139.93 (-):
. n/a HK:proxim.ircgalaxy.pl
RU:citi-bank.ru
HK:58.65.232.35:65520
RU:89.208.35.28:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 9bb68450cd
[Firefox:26 hits: 10-26 to 01-09] c2d5ac2315 [0] ASM:Graph
PolyEnE| lines=73
embedded dns trace

T:01:51:00 Win2K-f 77.92.229.18 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
EU:77.92.229.18:9388 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:52:00 Win2K-f 62.63.15.53 (BBFT.NET):
BREDBANDSFYLKET TROMS AS,
NO. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:57:00 Win2K-f 212.19.142.106 (ADSL.ONLINE.KZ):
KAZAKHTELECOM DATA NETWORK ADMINISTRATION,
KZ. (100Mbps) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:09:00 Win2K-f 59.104.41.254 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:10:00 Win2K-f 89.44.25.134 (-):
SC EXPANSION NET SRL,
RO. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:14:00 Win2K-f 114.141.80.89 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 5 of 37 741c93f3c1
[Firefox: 9 hits: 11-30 to 01-01] none[3] none:none
UPX| none trace

02:14:00 Win2K-f 190.49.117.156 (COM.AR):
TELEFONICA DE ARGENTINA,
MIRAMAR, BUENOS AIRES, AR. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:173 hits: 12-19 to 01-10] none[3] none:none
MEW| none trace

02:15:00 Win2K-f 87.227.74.41 (SIWNET.NET):
TDC SONG WHOLESALE-ADSL M/FB-BLG,
SE. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:15:00 Win2K-f 200.49.175.100 (AMIGO.NET.GT):
COMCEL GUATEMALA S.A,
GUATEMALA, GUATEMALA, GT. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
3 lines Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1502 hits: 11-24 to 01-10] none[3] none:none
UPX| none trace

02:16:00 Win2K-f 122.121.100.146 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:34:00 Win2K-f 59.104.88.18 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:34:00 Win2K-f 64.87.10.11 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1733 hits: 11-22 to 01-10] none[3] none:none
UPX| none trace

02:45:00 Win2K-f 118.161.251.94 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 71afca1665
[Firefox:97 hits: 11-23 to 01-07] none[3] none:none
StarForce| none trace

T:02:46:00 Win2K-f 65.127.245.21 (QWEST.NET):
IOWA EVENTS CENTER,
MULBERRY GROVE, ILLINOIS, US. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:50:00 Win2K-f 122.120.220.119 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:56:00 Win2K-f 122.120.220.119 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:10:00 Win2K-f 59.105.80.73 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:675 hits: 11-21 to 01-10] none[3] none:none
StarForce| none trace

03:23:00 Win2K-f 118.232.0.92 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:24:00 Win2K-f 94.76.213.113 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:36:00 Win2K-f 121.52.71.114 (PENI.CO.ID):
EXCELCOMINDO PRATAMA PT,
ID. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:890 hits: 11-30 to 01-10] none[3] none:none
StarForce| none trace

T:03:42:00 Win2K-f 95.104.28.109 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:435 hits: 11-26 to 01-10] none[3] none:none
Armadillo| none trace

T:03:48:00 Win2K-f 118.232.0.92 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:53:00 Win2K-f 200.72.224.142 (MAIL.DCS.CL):
ENTEL CHILE S.A,
SANTIAGO, REGION METROPOLITANA, CL. (100Mbps) n/a 445 pcap raw alerts
ruleset http
1 line Argh : 0.3
profile none summary
tarball none none none none none none none

03:55:00 Win2K-f 201.87.122.60 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
BR:201.87.122.60:7209
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1502 hits: 11-24 to 01-10] none[3] none:none
UPX| none trace

T:04:05:00 Win2K-f 89.105.196.45 (ISP-SERVICES.NL):
HUBRIS,
NL. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:10:00 Win2K-f 83.97.238.5 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 216ec67841
[Firefox:203 hits: 11-20 to 01-10] none[3] none:none
StarForce| none trace

04:14:00 Win2K-f 118.171.174.150 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:19:00 Win2K-f 91.64.203.187 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:391 hits: 11-25 to 01-10] none[3] none:none
Armadillo| none trace

04:21:00 Win2K-f 200.123.69.254 (TECHTELNET.NET):
TECHTEL LMDS COMUNICACIONES INTERACTIVAS S.A,
LA PLATA, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:27:00 Win2K-f 83.97.238.5 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 216ec67841
[Firefox:203 hits: 11-20 to 01-10] none[3] none:none
StarForce| none trace

T:04:31:00 Win2K-f 86.8.27.168 (NTL.COM):
NTL INFRASTRUCTURE - BROMLEY,
LONDON, ENGLAND, UK. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:32:00 Win2K-f 86.8.27.168 (NTL.COM):
NTL INFRASTRUCTURE - BROMLEY,
LONDON, ENGLAND, UK. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:33:00 Win2K-f 122.55.188.7 (PLDT.NET):
IPG,
PH. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:41:00 Win2K-f 119.95.10.232 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1733 hits: 11-22 to 01-10] none[3] none:none
UPX| none trace

04:42:00 Win2K-f 195.24.219.201 (-):
DATA COMMUNICATION AND INTERNATIONAL,
CM. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 fcb4920986
[Firefox:60 hits: 11-21 to 01-10] none[3] none:none
UPX| none trace

04:43:00 Win2K-f 190.245.48.28 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1502 hits: 11-24 to 01-10] none[3] none:none
UPX| none trace

T:04:43:00 Win2K-f 72.77.14.26 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
US. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1733 hits: 11-22 to 01-10] none[3] none:none
UPX| none trace

T:04:51:00 Win2K-f 198.64.251.23 (VERIO.NET):
NTT AMERICA INC,
HOUSTON, TEXAS, US. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:55:00 Win2K-f 195.24.219.201 (-):
DATA COMMUNICATION AND INTERNATIONAL,
CM. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 fcb4920986
[Firefox:60 hits: 11-21 to 01-10] none[3] none:none
UPX| none trace

04:55:00 Win2K-f 87.21.152.91 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
CROTONE, CALABRIA, IT. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:809 hits: 11-22 to 01-10] none[3] none:none
UPX| none trace

05:08:00 Win2K-f 118.160.182.241 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:08:00 Win2K-f 124.226.122.192 (163DATA.COM.CN):
CHINANET GUANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:435 hits: 11-26 to 01-10] none[3] none:none
Armadillo| none trace

05:14:00 Win2K-f 64.6.180.83 (MEGAPATH.NET):
MEGAPATH NETWORKS INC,
BELLFLOWER, CALIFORNIA, US. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:17:00 Win2K-f 72.77.14.26 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
US. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1733 hits: 11-22 to 01-10] none[3] none:none
UPX| none trace

T:05:19:00 Win2K-f 122.124.165.246 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:21:00 Win2K-f 218.15.14.209 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:25:00 Win2K-f 123.52.138.129 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
HENAN, GUIZHOU, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:32:00 Win2K-f 59.105.151.136 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:35:00 Win2K-f 124.226.122.192 (163DATA.COM.CN):
CHINANET GUANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:435 hits: 11-26 to 01-10] none[3] none:none
Armadillo| none trace

T:05:37:00 Win2K-f 222.87.135.78 (AGENT1.GZ.CN):
CHINANET GUIZHOU PROVINCE NETWORK,
GUIZHOU, GUIZHOU, CN. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:173 hits: 12-19 to 01-10] none[3] none:none
MEW| none trace

T:05:43:00 Win2K-f 119.94.21.142 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:47:00 Win2K-f 123.204.117.54 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:49:00 Win2K-f 122.123.101.127 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:58:00 Win2K-f 85.119.244.18 (IN.NL):
IN B.V.B.A COLOCATION BRUSSELS,
NL. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:00:00 Win2K-f 212.95.46.135 (-):
DEUTSCHES INTERNET-ZENTRUM AG,
DE. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1733 hits: 11-22 to 01-10] none[3] none:none
UPX| none trace

06:14:00 Win2K-f 190.48.223.78 (COM.AR):
TELEFONICA DE ARGENTINA,
CIPOLLETTI, NEUQUEN, AR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1502 hits: 11-24 to 01-10] none[3] none:none
UPX| none trace

T:06:19:00 Win2K-f 190.48.223.78 (COM.AR):
TELEFONICA DE ARGENTINA,
CIPOLLETTI, NEUQUEN, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1502 hits: 11-24 to 01-10] none[3] none:none
UPX| none trace

T:06:19:00 Win2K-f 81.37.27.180 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
MADRID, MADRID, ES. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:33:00 Win2K-f 81.37.27.180 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
MADRID, MADRID, ES. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:38:00 Win2K-f 59.114.243.5 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:39:00 Win2K-f 200.45.128.57 (NET.AR):
MIDAS-TELECOM,
BARILOCHE, RIO NEGRO, AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:391 hits: 11-25 to 01-10] none[3] none:none
Armadillo| none trace

06:39:00 Win2K-f 71.113.203.244 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
BLOOMINGTON, ILLINOIS, US. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:45:00 Win2K-f 123.195.73.78 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:51:00 Win2K-f 216.168.103.215 (FRONTENAC.NET):
NORTH FRONTENAC TELEPHONE COMPANY,
ONTARIO, CA. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:173 hits: 12-19 to 01-10] none[3] none:none
MEW| none trace

06:57:00 Win2K-f 194.8.74.32 (LIX.LV):
LAST RESORT LOCAL REGISTRY,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1733 hits: 11-22 to 01-10] none[3] none:none
UPX| none trace

T:07:02:00 Win2K-f 83.92.187.230 (ADSL-DHCP.TELE.DK):
TDC-TELEDANMARK-BREDBAANDSADSL-NET,
GREVE, ROSKILDE, DK. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:435 hits: 11-26 to 01-10] none[3] none:none
Armadillo| none trace

07:02:00 Win2K-f 122.124.165.246 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:03:00 Win2K-f 94.222.250.161 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:08:00 Win2K-f 72.37.161.177 (-):
SIRIUS TELECOM,
SANTA BARBARA, CALIFORNIA, US. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:13:00 Win2K-f 118.232.16.136 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:23:00 Win2K-f 190.51.91.216 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:435 hits: 11-26 to 01-10] none[3] none:none
Armadillo| none trace

T:07:25:00 Win2K-f 200.32.173.9 (-):
ADMINISTRADOR MALL PLAZA,
CL. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1502 hits: 11-24 to 01-10] none[3] none:none
UPX| none trace

T:07:27:00 Win2K-f 88.134.65.29 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1733 hits: 11-22 to 01-10] none[3] none:none
UPX| none trace

07:35:00 Win2K-f 77.21.117.203 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:36:00 Win2K-f 125.85.11.82 (163DATA.COM.CN):
CHINANET CHONGQING PROVINCE NETWORK,
CHONGQING, CHONGQING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:41:00 Win2K-f 118.160.182.241 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:44:00 Win2K-f 190.51.91.216 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:435 hits: 11-26 to 01-10] none[3] none:none
Armadillo| none trace

07:58:00 Win2K-f 194.8.75.239 (LIX.LV):
LAST RESORT LOCAL REGISTRY,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1733 hits: 11-22 to 01-10] none[3] none:none
UPX| none trace

08:00:00 Win2K-f 118.100.163.149 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:00:00 Win2K-f 89.29.145.57 (NOT-ASSIGNED.TVALMANSA.ES):
TV ALMANSA ALMANSA INFRAESTRUCTURE/ACCESS,
ES. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 216ec67841
[Firefox:203 hits: 11-20 to 01-10] none[3] none:none
StarForce| none trace

08:06:00 Win2K-f 93.120.173.175 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:435 hits: 11-26 to 01-10] none[3] none:none
Armadillo| none trace

T:08:07:00 Win2K-f 66.90.73.126 (GRAYVEE.COM):
FDC SERVERS.NET LLC,
CHICAGO, ILLINOIS, US. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:14:00 Win2K-f 77.21.117.203 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:23:00 Win2K-f 122.118.75.204 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:23:00 Win2K-f 81.9.175.95 (CM-81-9-175-10.TELECABLE.ES):
TELECABLE,
ES. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:28:00 Win2K-f 122.118.75.204 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:30:00 Win2K-f 58.101.54.224 (-):
WASU TV & COMMUNICATION HOLDING CO. LTD,
HANGZHOU, ZHEJIANG, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:40:00 Win2K-f 125.224.61.240 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:47:00 Win2K-f 59.117.126.137 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:58:00 Win2K-f 91.97.193.127 (EWE-IP-BACKBONE.DE):
EWETEL,
DE. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:58:00 Win2K-f 200.49.22.148 (BSR1000.PAPNET.CL):
PLUG AND PLAY NET S.A,
CL. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:00:00 Win2K-f 200.49.22.148 (BSR1000.PAPNET.CL):
PLUG AND PLAY NET S.A,
CL. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:07:00 Win2K-f 91.97.193.127 (EWE-IP-BACKBONE.DE):
EWETEL,
DE. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:08:00 Win2K-f 125.230.12.221 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:08:00 Win2K-f 82.29.131.145 (NTL.COM):
NTL INFRASTRUCTURE - LUTON,
UK. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1502 hits: 11-24 to 01-10] none[3] none:none
UPX| none trace

09:10:00 Win2K-f 125.230.12.221 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:12:00 Win2K-f 194.8.74.32 (LIX.LV):
LAST RESORT LOCAL REGISTRY,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1733 hits: 11-22 to 01-10] none[3] none:none
UPX| none trace

09:17:00 Win2K-f 81.91.18.10 (-):
NUKS BILGI TEKNOLOJILERI SAN. VE TIC. LTD. STI,
TR. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:25:00 Win2K-f 93.120.173.175 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:435 hits: 11-26 to 01-10] none[3] none:none
Armadillo| none trace

09:29:00 Win2K-f 190.54.70.239 (CHILESAT.NET):
TELMEX SERVICIOS EMPRESARIALES S.A,
CL. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1502 hits: 11-24 to 01-10] none[3] none:none
UPX| none trace

T:09:32:00 Win2K-f 125.224.61.240 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:34:00 Win2K-f 82.254.202.42 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:38:00 Win2K-f 94.75.219.66 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:45:00 Win2K-f 125.22.105.58 (125.AIRTELBROADBAND.IN):
BHARTI INFOTEL LTD. (BBANDTS KK),
BANGALORE, KARNATAKA, IN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:173 hits: 12-19 to 01-10] none[3] none:none
MEW| none trace

T:09:48:00 Win2K-f 72.29.94.42 (DIMENOC.COM):
HOSTDIME.COM INC,
US. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:54:00 Win2K-f 151.21.186.159 (21-151.LIBERO.IT):
FREE INTERNET DIAL-UP SERVICES,
ROME, LAZIO, IT. (DIAL) n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:55:00 Win2K-f 200.32.173.9 (-):
ADMINISTRADOR MALL PLAZA,
CL. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1502 hits: 11-24 to 01-10] none[3] none:none
UPX| none trace

T:10:00:00 Win2K-f 200.32.170.90 (-):
ADMINISTRADOR MALL PLAZA,
SANTIAGO, REGION METROPOLITANA, CL. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1733 hits: 11-22 to 01-10] none[3] none:none
UPX| none trace

T:10:07:00 Win2K-f 59.126.125.53 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:15:00 Win2K-f 82.30.241.112 (NTL.COM):
NTL INFRASTRUCTURE - NOTTINGHAM,
UK. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 bd35d4d98f
[Firefox:56 hits: 11-27 to 01-10] none[3] none:none
Armadillo| none trace

T:10:15:00 Win2K-f 59.117.126.137 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:16:00 Win2K-f 200.41.61.20 (-):
LATCOM-NET,
BUENOS AIRES, BUENOS AIRES, AR. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1502 hits: 11-24 to 01-10] none[3] none:none
UPX| none trace

T:10:21:00 Win2K-f 122.127.218.161 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:31:00 Win2K-f 94.76.213.92 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:38:00 Win2K-f 190.128.3.218 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 4f88618d4f
[Firefox:99 hits: 11-29 to 01-10] none[3] none:none
UPX| none trace

T:10:41:00 Win2K-f 59.104.42.16 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:41:00 Win2K-f 92.230.232.139 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:675 hits: 11-21 to 01-10] none[3] none:none
StarForce| none trace

10:47:00 Win2K-f 69.46.218.241 (EN-TEL.NET):
LAKEDALE LINK,
ANNANDALE, MINNESOTA, US. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:50:00 Win2K-f 59.126.125.53 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:51:00 Win2K-f 187.9.12.103 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 6 of 37 13e15a653e
[Firefox:41 hits: 11-21 to 01-04] none[3] none:none
UPX| none trace

T:10:56:00 Win2K-f 190.49.34.98 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:890 hits: 11-30 to 01-10] none[3] none:none
StarForce| none trace

11:05:00 Win2K-f 217.114.226.184 (AHA.RU):
PROVIDER LOCAL INTERNET REGISTRY,
RU. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:05:00 Win2K-f 92.230.232.139 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:675 hits: 11-21 to 01-10] none[3] none:none
StarForce| none trace

11:19:00 Win2K-f 82.16.198.39 (NTL.COM):
NTLI,
STOCKTON-ON-TEES, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1502 hits: 11-24 to 01-10] none[3] none:none
UPX| none trace

11:25:00 Win2K-f 87.97.208.13 (GGBIT.NET):
EKK CATV PLOVDIV,
PLOVDIV, PLOVDIV, BG. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:435 hits: 11-26 to 01-10] none[3] none:none
Armadillo| none trace

T:11:32:00 Win2K-f 190.51.156.156 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:890 hits: 11-30 to 01-10] none[3] none:none
StarForce| none trace

T:11:42:00 Win2K-f 217.114.226.184 (AHA.RU):
PROVIDER LOCAL INTERNET REGISTRY,
RU. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:44:00 Win2K-f 61.19.252.50 (THAITSUNAMI.COM):
CAT TELECOM DATA COMM. DEPT INTRENET OFFICE,
TH. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:173 hits: 12-19 to 01-10] none[3] none:none
MEW| none trace

11:51:00 Win2K-f 91.139.192.197 (-):
CABLETEL_CMTS,
BG. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 9 of 38 e1a2e3980d
[Firefox:24 hits: 12-05 to 01-08] none[3] none:none
UPX| none trace

T:11:56:00 Win2K-f 86.13.5.55 (NTL.COM):
NTL INFRASTRUCTURE - BAGULEY,
STOKE ON TRENT, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:13:00 Win2K-f 219.80.213.202 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:15:00 Win2K-f 219.80.213.202 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:15:00 Win2K-f 61.231.65.242 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:16:00 Win2K-f 61.19.252.50 (THAITSUNAMI.COM):
CAT TELECOM DATA COMM. DEPT INTRENET OFFICE,
TH. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:173 hits: 12-19 to 01-10] none[3] none:none
MEW| none trace

T:12:29:00 Win2K-f 61.59.147.4 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:32:00 Win2K-f 157.100.17.2 (INTISANA.K12.EC):
ECUANET - CORPORACION ECUATORIANA DE INFORMACION,
QUITO, PICHINCHA, EC. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:41:00 Win2K-f 200.35.204.68 (SUPERCABLE.NET.VE):
SUPERCABLE,
CARACAS, DISTRITO FEDERAL, VE. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:52:00 Win2K-f 200.114.10.160 (INTERCABLE.NET.CO):
TV CABLE PROMISION S.A,
BUCARAMANGA, SANTANDER, CO. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:55:00 Win2K-f 190.3.79.160 (TECHTELNET.NET):
TECHTEL LMDS COMUNICACIONES INTERACTIVAS S.A,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:675 hits: 11-21 to 01-10] none[3] none:none
StarForce| none trace

13:08:00 WinXP 70.67.69.163 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. (DSL) n/a RU:citi-bank.ru
RU:89.208.35.28:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:1035 hits: 05-01 to 12-30] none[0] none:none
PolyEnE| lines=68 trace

T:13:09:00 Win2K-f 190.184.30.166 (-):
CABLENET S.A,
NI. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 16 of 39 9a9f93c4d2
[Firefox:29 hits: 12-23 to 01-10] none[3] none:none
UPX| none trace

13:11:00 Win2K-f 86.13.5.55 (NTL.COM):
NTL INFRASTRUCTURE - BAGULEY,
STOKE ON TRENT, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:12:00 Win2K-f 87.97.216.173 (GGBIT.NET):
EKK CATV PLOVDIV,
PLOVDIV, PLOVDIV, BG. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:435 hits: 11-26 to 01-10] none[3] none:none
Armadillo| none trace

T:13:13:00 Win2K-f 93.156.112.74 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:18:00 Win2K-f 187.31.47.11 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:28:00 Win2K-f 78.106.108.160 (CORBINA.NET):
INVESTELEKTROSVIAZ LTD,
RU. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 71afca1665
[Firefox:97 hits: 11-23 to 01-07] none[3] none:none
StarForce| none trace

13:31:00 Win2K-f 59.121.196.115 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:36:00 Win2K-f 202.101.110.73 (163DATA.COM.CN):
CHINANET FUJIAN PROVINCE NETWORK,
SHANGHAI, SHANGHAI, CN. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:37:00 Win2K-f 88.10.153.45 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
ES. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:391 hits: 11-25 to 01-10] none[3] none:none
Armadillo| none trace

13:40:00 Win2K-f 187.31.47.11 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:45:00 Win2K-f 190.184.30.166 (-):
CABLENET S.A,
NI. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 16 of 39 9a9f93c4d2
[Firefox:29 hits: 12-23 to 01-10] none[3] none:none
UPX| none trace

T:13:52:00 Win2K-f 59.121.196.115 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:56:00 Win2K-f 124.8.3.177 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:59:00 Win2K-f 60.42.196.220 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:890 hits: 11-30 to 01-10] none[3] none:none
StarForce| none trace

14:03:00 Win2K-f 190.24.34.58 (ETB.NET.CO):
ETB - COLOMBIA,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:17:00 Win2K-f 190.54.85.38 (CHILESAT.NET):
TELMEX SERVICIOS EMPRESARIALES S.A,
CL. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:19:00 Win2K-f 212.4.140.79 (-):
CYBER SPACE TECHNOLOGIES,
RU. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:20:00 Win2K-f 189.123.52.224 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:23:00 Win2K-f 195.62.234.139 (VOIP.EUTELIA.IT):
EDISONTEL,
IT. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:34:00 Win2K-f 203.146.245.76 (-):
CHAIYAAA,
TOKYO, TOKYO, JP. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:675 hits: 11-21 to 01-10] none[3] none:none
StarForce| none trace

14:34:00 Win2K-f 190.48.228.81 (COM.AR):
TELEFONICA DE ARGENTINA,
MAR DEL PLATA, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:34:00 Win2K-f 190.51.156.156 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:890 hits: 11-30 to 01-10] none[3] none:none
StarForce| none trace

T:14:36:00 Win2K-f 123.195.65.243 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:39:00 Win2K-f 212.22.192.18 (-):
HMV UK LT,
UK. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:391 hits: 11-25 to 01-10] none[3] none:none
Armadillo| none trace

14:50:00 Win2K-f 208.29.186.47 (NEP.NET):
THE NORTH-EASTERN PENNSYLVANIA TELEPHONE COMPANY,
FOREST CITY, PENNSYLVANIA, US. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1502 hits: 11-24 to 01-10] none[3] none:none
UPX| none trace

14:54:00 Win2K-f 119.73.130.36 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:675 hits: 11-21 to 01-10] none[3] none:none
StarForce| none trace

15:08:00 Win2K-f 162.42.208.14 (CYBERTRAILS.COM):
CYBERTRAILS,
SHOW LOW, ARIZONA, US. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:10:00 Win2K-f 122.123.201.84 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:13:00 Win2K-f 210.17.228.100 (PACIFIC.NET.HK):
TMH_FM,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:14:00 Win2K-f 190.8.195.0 (-):
UNION DE CABLEOPERADORES DEL CENTRO CABLECENTRO S.A,
CO. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:19:00 Win2K-f 122.123.201.84 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:24:00 Win2K-f 203.67.117.7 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:24:00 Win2K-f 87.121.158.196 (NETERRA.NET):
NETERRAIP,
BG. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:435 hits: 11-26 to 01-10] none[3] none:none
Armadillo| none trace

15:25:00 Win2K-f 186.9.176.114 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:37:00 Win2K-f 89.106.8.112 (GRID.COM.TR):
VERSCOM-GRID-NET,
TR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:39:00 Win2K-f 119.73.130.36 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:675 hits: 11-21 to 01-10] none[3] none:none
StarForce| none trace

15:44:00 Win2K-f 123.195.65.243 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:46:00 Win2K-f 219.106.63.212 (SANNET.NE.JP):
SANNET INTERNET SERVICES,
JP. (DIAL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:01:00 Win2K-f 89.35.200.2 (RAKNETSOFT.RO):
SC RAKNET SOFT SRL,
PLOIESTI, PRAHOVA, RO. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:03:00 Win2K-f 190.8.195.0 (-):
UNION DE CABLEOPERADORES DEL CENTRO CABLECENTRO S.A,
CO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:05:00 Win2K-f 66.90.101.188 (ON-DEMAND-TECH.COM):
FDC SERVERS.NET LLC,
CHICAGO, ILLINOIS, US. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:13:00 Win2K-f 216.13.150.110 (ALLSTREAM.NET):
ALLSTREAM CORP. CORPORATION ALLSTREAM,
TORONTO, ONTARIO, CA. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1502 hits: 11-24 to 01-10] none[3] none:none
UPX| none trace

T:16:13:00 Win2K-f 190.48.137.112 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:173 hits: 12-19 to 01-10] none[3] none:none
MEW| none trace

16:16:00 Win2K-f 186.9.183.193 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:20:00 Win2K-f 72.87.252.20 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
US. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:173 hits: 12-19 to 01-10] none[3] none:none
MEW| none trace

T:16:20:00 Win2K-f 186.9.183.193 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:25:00 Win2K-f 61.197.107.51 (NTTPC.NE.JP):
INFOSPHERE (NTTPC COMMUNICATIONS INC.),
PHUKET, PHUKET, TH. n/a 445 pcap raw alerts
ruleset http
2 lines Argh : 0.3
profile none summary
tarball none none none none none none none

16:31:00 Win2K-f 89.47.227.118 (POINTNETWORKS.RO):
NEGOIU 30 031126 BUCHAREST,
BUCHAREST, BUCURESTI, RO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:34:00 Win2K-f 72.87.252.20 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
US. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:173 hits: 12-19 to 01-10] none[3] none:none
MEW| none trace

T:16:37:00 Win2K-f 162.42.208.14 (CYBERTRAILS.COM):
CYBERTRAILS,
SHOW LOW, ARIZONA, US. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:44:00 Win2K-f 83.97.226.71 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:52:00 Win2K-f 89.35.200.2 (RAKNETSOFT.RO):
SC RAKNET SOFT SRL,
PLOIESTI, PRAHOVA, RO. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:52:00 Win2K-f 203.67.117.7 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:55:00 Win2K-f 186.9.176.114 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:59:00 Win2K-f 61.31.129.203 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:01:00 Win2K-f 201.252.196.80 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:04:00 Win2K-f 190.51.108.77 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:06:00 Win2K-f 78.38.203.63 (-):
INFORMATION TECHNOLOGY COMPANY (ITC),
IR. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:18:00 Win2K-f 61.31.129.203 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:19:00 Win2K-f 203.70.142.9 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:19:00 Win2K-f 202.95.132.114 (-):
P2P-SHOWA-JKT-PESAT,
BEKASI, JAWA BARAT (DJAWA BARAT), ID. (100Mbps) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:435 hits: 11-26 to 01-10] none[3] none:none
Armadillo| none trace

17:22:00 Win2K-f 210.165.239.195 (NTTPC.NE.JP):
INFOSPHERE (NTT PC COMMUNICATIONS INC.),
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset http
1 line Argh : 0.3
profile none summary
tarball none none none none none none none

17:28:00 Win2K-f 200.35.209.209 (SUPERCABLE.NET.VE):
SUPERCABLE,
CARACAS, DISTRITO FEDERAL, VE. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:31:00 Win2K-f 190.245.48.22 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1502 hits: 11-24 to 01-10] none[3] none:none
UPX| none trace

T:17:34:00 Win2K-f 59.105.6.59 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:36:00 Win2K-f 200.47.8.129 (NET.AR):
COMSAT ARGENTINA S.A,
AR. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:17:36:00 Win2K-f 32.106.125.32 (PRSERV.NET):
AT&T GLOBAL NETWORK SERVICES,
LAKE MARY, FLORIDA, US. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:39:00 Win2K-f 212.91.211.195 (-):
POL-VOSTOKCEMENT-NET,
VLADIVOSTOK, PRIMORSKIY KRAY, RU. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:43:00 Win2K-f 119.120.97.188 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:55:00 Win2K-f 190.141.95.129 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:56:00 Win2K-f 220.137.252.68 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:02:00 Win2K-f 119.120.97.188 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:03:00 Win2K-f 78.109.17.10 (-):
TEHNOLOGII BUDUSHEGO LLC,
UA. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:12:00 Win2K-f 208.85.35.34 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:15:00 Win2K-f 84.237.129.53 (-):
ADDRESS POOL FOR LTC-HOME CUSTOMERS,
RIGA, RIGA, LV. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
LV:84.237.129.53:9717 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:17:00 Win2K-f 84.19.174.64 (HOSTING-IE.COM):
HOSTING IE IP NETWORK,
WICKLOW, WICKLOW, IE. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:22:00 Win2K-f 202.124.243.118 (DEDSVRS.NET):
SUBNETS TO PROVISION DEDICATED HOSTING,
AU. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:36:00 Win2K-f 202.124.243.118 (DEDSVRS.NET):
SUBNETS TO PROVISION DEDICATED HOSTING,
AU. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:40:00 Win2K-f 88.46.101.94 (BUSINESS.TELECOMITALIA.IT):
ISTITUTO TECNICO COMMERCIALE S,
IT. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:45:00 Win2K-f 59.53.84.122 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:435 hits: 11-26 to 01-10] none[3] none:none
Armadillo| none trace

18:47:00 Win2K-f 12.14.148.70 (ATT.NET):
AT&T WORLDNET SERVICES,
TEXAS, US. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:49:00 Win2K-f 89.47.227.118 (POINTNETWORKS.RO):
NEGOIU 30 031126 BUCHAREST,
BUCHAREST, BUCURESTI, RO. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:54:00 Win2K-f 91.102.160.231 (ATOLYEWEB.NET):
DATAFON ILETISIM A.S,
TR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:173 hits: 12-19 to 01-10] none[3] none:none
MEW| none trace

18:54:00 Win2K-f 59.53.84.122 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:435 hits: 11-26 to 01-10] none[3] none:none
Armadillo| none trace

18:54:00 Win2K-f 32.106.125.32 (PRSERV.NET):
AT&T GLOBAL NETWORK SERVICES,
LAKE MARY, FLORIDA, US. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:57:00 Win2K-f 190.26.161.46 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:06:00 Win2K-f 114.47.226.14 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:14:00 Win2K-f 170.51.133.137 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:173 hits: 12-19 to 01-10] none[3] none:none
MEW| none trace

T:19:19:00 Win2K-f 202.103.242.235 (163DATA.COM.CN):
CHINANET GUANGXI PROVINCE NETWORK,
NANNING, GUANGXI, CN. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:25:00 Win2K-f 59.105.6.59 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:30:00 Win2K-f 190.90.106.113 (EQUITEL.COM.CO):
INTERNEXA S.A. E.S.P,
CO. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:890 hits: 11-30 to 01-10] none[3] none:none
StarForce| none trace

T:19:37:00 Win2K-f 12.14.148.70 (ATT.NET):
AT&T WORLDNET SERVICES,
TEXAS, US. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:37:00 Win2K-f 186.0.10.142 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:890 hits: 11-30 to 01-10] none[3] none:none
StarForce| none trace

19:41:00 Win2K-f 59.114.15.167 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1502 hits: 11-24 to 01-10] none[3] none:none
UPX| none trace

19:49:00 Win2K-f 122.2.22.251 (PLDT.NET):
JNEC7300I02_CONSUMER,
CEBU, CEBU CITY, PH. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:52:00 Win2K-f 82.28.92.231 (NTL.COM):
NTLI,
MANCHESTER, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1502 hits: 11-24 to 01-10] none[3] none:none
UPX| none trace

19:54:00 Win2K-f 190.184.15.60 (-):
CABLENET S.A,
NI. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 10 of 38 2b7c3f3a93
NEW none[3] none:none
UPX| none trace

19:55:00 Win2K-f 186.9.168.59 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:57:00 Win2K-f 125.85.222.97 (163DATA.COM.CN):
CHINANET CHONGQING PROVINCE NETWORK,
CHONGQING, CHONGQING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:809 hits: 11-22 to 01-10] none[3] none:none
UPX| none trace

19:58:00 Win2K-f 190.208.121.90 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:03:00 Win2K-f 59.105.151.124 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:08:00 Win2K-f 200.112.145.5 (NET.AR):
BROADBANDTECH S. A,
MENDOZA, MENDOZA, AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:435 hits: 11-26 to 01-10] none[3] none:none
Armadillo| none trace

T:20:08:00 Win2K-f 195.56.46.33 (DATANET.HU):
GTS - DATANET TELECOMMUNICATION LTD,
HU. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:12:00 Win2K-f 201.49.221.58 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
BR:201.49.221.58:2557
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:14:00 Win2K-f 195.56.46.33 (DATANET.HU):
GTS - DATANET TELECOMMUNICATION LTD,
HU. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
HU:195.56.46.33:6749
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:15:00 Win2K-f 121.246.160.99 (VSNL.NET.IN):
VIDESH SANCHAR NIGAM LTD - INDIA,
IN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:21:00 Win2K-f 222.86.44.92 (AGENT1.GZ.CN):
CHINANET GUIZHOU PROVINCE NETWORK,
GUIZHOU, GUIZHOU, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:675 hits: 11-21 to 01-10] none[3] none:none
StarForce| none trace

T:20:25:00 Win2K-f 200.244.73.3 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:27:00 Win2K-f 81.84.217.12 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
COIMBRA, COIMBRA, PT. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:31:00 Win2K-f 84.19.174.64 (HOSTING-IE.COM):
HOSTING IE IP NETWORK,
WICKLOW, WICKLOW, IE. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:38:00 Win2K-f 96.13.247.95 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:42:00 Win2K-f 122.120.14.209 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:44:00 Win2K-f 58.54.178.103 (163DATA.COM.CN):
CHINANET HUBEI PROVINCE NETWORK,
HUBEI, HUBEI, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:48:00 Win2K-f 81.84.217.12 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
COIMBRA, COIMBRA, PT. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:49:00 Win2K-f 190.208.121.90 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:50:00 Win2K-f 66.90.104.52 (MM-NEWS.NET):
FDC SERVERS.NET LLC,
RALEIGH, NORTH CAROLINA, US. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:01:00 Win2K-f 59.117.126.31 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:675 hits: 11-21 to 01-10] none[3] none:none
StarForce| none trace

T:21:02:00 Win2K-f 210.3.156.202 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:04:00 Win2K-f 94.76.213.206 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:04:00 Win2K-f 81.12.48.242 (-):
ISP SOFTWARE DESIGN ELECTRIONICS,
IR. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 4e6c4dd8b1
[Firefox:44 hits: 11-25 to 01-10] none[3] none:none
StarForce| none trace

21:08:00 Win2K-f 60.250.53.200 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

21:10:00 Win2K-f 194.8.74.10 (LIX.LV):
LAST RESORT LOCAL REGISTRY,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1733 hits: 11-22 to 01-10] none[3] none:none
UPX| none trace

T:21:13:00 Win2K-f 194.8.74.10 (LIX.LV):
LAST RESORT LOCAL REGISTRY,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1733 hits: 11-22 to 01-10] none[3] none:none
UPX| none trace

21:16:00 Win2K-f 64.76.120.40 (COM.AR):
POWER VT S.A,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:64.76.120.40:2088
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:23:00 Win2K-f 222.221.175.224 (CN.NET):
CHINANET YUNNAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:675 hits: 11-21 to 01-10] none[3] none:none
StarForce| none trace

21:26:00 Win2K-f 186.9.16.204 (-):
. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

21:35:00 Win2K-f 211.75.71.243 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:37:00 Win2K-f 118.168.20.249 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:37:00 Win2K-f 59.112.234.130 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:44:00 Win2K-f 200.123.122.97 (TECHTELNET.NET):
TECHTEL LMDS COMUNICACIONES INTERACTIVAS S.A,
MAR DEL PLATA, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
AR:200.123.122.97:8848
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:45:00 Win2K-f 123.204.37.73 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:46:00 Win2K-f 118.232.59.131 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:49:00 Win2K-f 123.204.37.73 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:55:00 Win2K-f 125.84.88.107 (163DATA.COM.CN):
CHINANET CHONGQING PROVINCE NETWORK,
CHONGQING, CHONGQING, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:809 hits: 11-22 to 01-10] none[3] none:none
UPX| none trace

22:01:00 Win2K-f 84.126.58.183 (ONO.COM):
PROVIDER LOCAL REGISTRY,
ES. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:22:02:00 Win2K-f 196.2.194.78 (MENANET.NET):
AFRINIC,
CAIRO, AL QAHIRAH, EG. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:04:00 Win2K-f 190.128.77.246 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:04:00 Win2K-f 59.114.247.17 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:14:00 Win2K-f 114.47.226.14 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:19:00 Win2K-f 59.114.247.17 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:19:00 Win2K-f 200.63.85.66 (COM.AR):
ITD SRL,
LA PLATA, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 17cf6a5252
[Firefox: 9 hits: 12-03 to 01-01] none[3] none:none
UPX| none trace

22:20:00 Win2K-f 213.8.25.5 (INTER.NET.IL):
SMILE INTERNET GOLD,
TEL AVIV, TEL AVIV, IL. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:25:00 Win2K-f 200.63.85.66 (COM.AR):
ITD SRL,
LA PLATA, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 17cf6a5252
[Firefox: 9 hits: 12-03 to 01-01] none[3] none:none
UPX| none trace

T:22:27:00 Win2K-f 201.49.221.58 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:27:00 Win2K-f 114.121.56.116 (-):
. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

22:31:00 Win2K-f 220.172.9.151 (AGENT1.GZ.CN):
CHINANET GUIZHOU PROVINCE NETWORK,
GUIZHOU, GUIZHOU, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:34:00 Win2K-f 213.8.25.5 (INTER.NET.IL):
SMILE INTERNET GOLD,
TEL AVIV, TEL AVIV, IL. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:39:00 Win2K-f 190.50.212.226 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:43:00 Win2K-f 186.9.135.152 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:435 hits: 11-26 to 01-10] none[3] none:none
Armadillo| none trace

T:22:51:00 Win2K-f 66.90.104.52 (MM-NEWS.NET):
FDC SERVERS.NET LLC,
RALEIGH, NORTH CAROLINA, US. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:54:00 Win2K-f 60.188.135.247 (163DATA.COM.CN):
CHINANET-ZJ TAIZHOU NODE NETWORK,
CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:54:00 Win2K-f 200.71.96.250 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:890 hits: 11-30 to 01-10] none[3] none:none
StarForce| none trace

T:22:56:00 Win2K-f 190.220.49.164 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:03:00 Win2K-f 170.51.236.32 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:09:00 Win2K-f 220.172.9.151 (AGENT1.GZ.CN):
CHINANET GUIZHOU PROVINCE NETWORK,
GUIZHOU, GUIZHOU, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:10:00 Win2K-f 125.232.84.160 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:10:00 Win2K-f 125.232.84.160 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:29:00 Win2K-f 64.76.120.40 (COM.AR):
POWER VT S.A,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:30:00 Win2K-f 220.141.39.80 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:31:00 Win2K-f 222.218.14.72 (163DATA.COM.CN):
CHINANET GUANGXI PROVINCE NETWORK,
LIUZHOU, GUANGXI, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:41:00 Win2K-f 80.93.215.92 (TEKLAN.COM.TR):
NET-EYIGUN,
TR. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1733 hits: 11-22 to 01-10] none[3] none:none
UPX| none trace

T:23:42:00 Win2K-f 64.76.120.40 (COM.AR):
POWER VT S.A,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:55:00 Win2K-f 82.64.85.3 (PROXAD.NET):
PROXAD / FREE SAS,
FR. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:57:00 Win2K-f 94.76.213.206 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:58:00 Win2K-f 118.170.122.230 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:16489 hits: 11-20 to 01-10] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace