Multiperspective Malware Analysis Page

Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

15 January 2009
<prev> <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]

Time
Victim
OS
Infection
Source
C&C
Server
DNS Lookups &
Failed Connects Infection
Port
Packet
Trace
Detection
Signatures
Infection
Chatter
BotHunter
Analysis
Behavioral
Cluster
Forensic
Logs
Antivirus
Labels
Packed Malware_Binary Unpacked egg.exe
Unpacked egg.asm
Packer PEID
Data Strings
Syscall Trace

T:00:10:00 Win2K-f 140.113.212.226 (NCTU.EDU.TW):
TAIWAN ACADEMIC NETWORK,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:418 hits: 11-25 to 01-14] none[3] none:none
Armadillo| none trace

00:11:00 Win2K-f 59.114.205.64 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:18:00 Win2K-f 190.68.126.147 (TELECOM.COM.CO):
COLOMBIA TELECOMUNICACIONES S.A. ESP,
CO. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:19:00 Win2K-f 200.112.151.247 (NET.AR):
BROADBANDTECH S. A,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:933 hits: 11-30 to 01-14] none[3] none:none
StarForce| none trace

00:23:00 Win2K-f 93.88.161.183 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1808 hits: 11-22 to 01-14] none[3] none:none
UPX| none trace

T:00:26:00 Win2K-f 190.7.101.86 (DIVEO.NET.CO):
DIVEO DE COLOMBIA LTDA,
CO. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:29:00 Win2K-f 140.113.212.226 (NCTU.EDU.TW):
TAIWAN ACADEMIC NETWORK,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:418 hits: 11-25 to 01-14] none[3] none:none
Armadillo| none trace

T:00:35:00 Win2K-f 86.21.92.38 (NTL.COM):
NTLI,
UK. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1808 hits: 11-22 to 01-14] none[3] none:none
UPX| none trace

00:43:00 Win2K-f 61.219.59.5 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:45:00 Win2K-f 211.74.216.239 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:53:00 Win2K-f 124.228.103.227 (-):
CHINANET HUNAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:418 hits: 11-25 to 01-14] none[3] none:none
Armadillo| none trace

T:00:55:00 Win2K-f 118.243.135.83 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:55:00 Win2K-f 124.228.103.227 (-):
CHINANET HUNAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:418 hits: 11-25 to 01-14] none[3] none:none
Armadillo| none trace

00:58:00 Win2K-f 210.2.148.242 (DANCOM.NET.PK):
DANCOM ONLINE SERVICES (PVT.) LTD,
PK. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:10:00 Win2K-f 59.126.90.28 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:10:00 Win2K-f 59.126.90.28 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:10:00 Win2K-f 64.16.18.66 (MTNTEL.NET):
1ST NATIONAL LENDER,
MESA, ARIZONA, US. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:933 hits: 11-30 to 01-14] none[3] none:none
StarForce| none trace

01:13:00 Win2K-f 125.64.61.21 (163DATA.COM.CN):
CHINANET SICHUAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:19:00 Win2K-f 218.95.100.117 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:19:00 Win2K-f 218.95.100.117 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:24:00 Win2K-f 66.90.103.211 (ON-DEMAND-TECH.COM):
FDC SERVERS.NET LLC,
CHICAGO, ILLINOIS, US. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 4e6c4dd8b1
[Firefox:47 hits: 11-25 to 01-13] none[3] none:none
StarForce| none trace

01:26:00 Win2K-f 122.122.218.175 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:36:00 Win2K-f 122.89.161.157 (JWS.COM):
CHINA TIETONG TELECOMMUNICATIONS CORPORATION,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:40:00 Win2K-f 64.16.18.66 (MTNTEL.NET):
1ST NATIONAL LENDER,
MESA, ARIZONA, US. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:933 hits: 11-30 to 01-14] none[3] none:none
StarForce| none trace

T:01:43:00 Win2K-f 222.89.27.112 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:45:00 Win2K-f 95.69.129.136 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1578 hits: 11-24 to 01-14] none[3] none:none
UPX| none trace

01:58:00 Win2K-f 222.89.27.112 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:00:00 Win2K-f 211.74.216.239 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:07:00 Win2K-f 66.199.235.242 (EZZI.NET):
EZZI.NET,
CHANTILLY, VIRGINIA, US. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:14:00 Win2K-f 122.122.218.175 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:24:00 Win2K-f 59.63.57.46 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1808 hits: 11-22 to 01-14] none[3] none:none
UPX| none trace

T:02:24:00 Win2K-f 190.68.126.147 (TELECOM.COM.CO):
COLOMBIA TELECOMUNICACIONES S.A. ESP,
CO. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
190.68.126.147:6197
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:29:00 Win2K-f 69.50.64.80 (ACT2000.NET):
ANTIGUA COMPUTER TECHNOLOGY,
AG. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:44:00 Win2K-f 170.51.218.61 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:47:00 Win2K-f 194.187.192.3 (IP-194-187-192-10.FILNET.FR):
FILNET,
PARIS, ILE-DE-FRANCE, FR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:52:00 Win2K-f 122.127.69.201 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:00:00 Win2K-f 61.216.235.244 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:07:00 Win2K-f 123.195.209.2 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:11:00 Win2K-f 123.195.209.2 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:19:00 Win2K-f 85.124.213.163 (INODE.AT):
LANDESVERBAND BOWLING WIEN,
WIEN, WIEN, AT. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:19:00 Win2K-f 85.124.213.163 (INODE.AT):
LANDESVERBAND BOWLING WIEN,
WIEN, WIEN, AT. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:33:00 Win2K-f 189.123.177.62 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1578 hits: 11-24 to 01-14] none[3] none:none
UPX| none trace

03:52:00 Win2K-f 190.49.158.144 (COM.AR):
TELEFONICA DE ARGENTINA,
LOMAS DE ZAMORA, BUENOS AIRES, AR. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 3862324588
[Firefox:150 hits: 11-29 to 01-14] none[3] none:none
UPX| none trace

T:04:15:00 Win2K-f 69.50.64.80 (ACT2000.NET):
ANTIGUA COMPUTER TECHNOLOGY,
AG. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:16:00 Win2K-f 114.44.13.138 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:18:00 Win2K-f 186.9.158.24 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:719 hits: 11-21 to 01-14] none[3] none:none
StarForce| none trace

T:04:23:00 WinXP 79.163.183.104 (-):
IDEA,
PL. n/a HK:proxim.ircgalaxy.pl
RU:citi-bank.ru
HK:58.65.232.35:65520
RU:89.208.35.28:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 9bb68450cd
[Firefox:27 hits: 10-26 to 01-11] c2d5ac2315 [0] ASM:Graph
PolyEnE| lines=73
embedded dns trace

04:23:00 Win2K-f 125.85.134.223 (163DATA.COM.CN):
CHINANET CHONGQING PROVINCE NETWORK,
CHONGQING, CHONGQING, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 2 of 37 216ec67841
[Firefox:211 hits: 11-20 to 01-13] none[3] none:none
StarForce| none trace

T:04:25:00 Win2K-f 213.9.165.129 (-):
LIMITSCREEN,
ES. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:33:00 Win2K-f 74.222.2.30 (VRTSERVERS.NET):
VRTSERVERS INC,
LOS ANGELES, CALIFORNIA, US. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:53:00 Win2K-f 77.21.209.89 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:56:00 Win2K-f 62.23.197.59 (-):
MAGNETI-MARELLI,
FR. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
FR:62.23.197.59:5501
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:57:00 Win2K-f 115.113.100.47 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:58:00 Win2K-f 59.63.57.46 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1808 hits: 11-22 to 01-14] none[3] none:none
UPX| none trace

05:03:00 Win2K-f 203.142.68.163 (-):
BIZNET-CS-BLOCK,
ID. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:08:00 Win2K-f 190.246.184.107 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1808 hits: 11-22 to 01-14] none[3] none:none
UPX| none trace

T:05:19:00 Win2K-f 203.142.68.163 (-):
BIZNET-CS-BLOCK,
ID. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:24:00 Win2K-f 125.68.83.89 (163DATA.COM.CN):
CHINANET SICHUAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:719 hits: 11-21 to 01-14] none[3] none:none
StarForce| none trace

T:05:25:00 Win2K-f 123.54.8.227 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
HENAN, GUIZHOU, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:35:00 Win2K-f 200.110.182.134 (COM.AR):
COOPERATIVA RURAL ELECTRICA DE BRAGADO LTDA,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:499 hits: 11-26 to 01-14] none[3] none:none
Armadillo| none trace

05:35:00 Win2K-f 221.125.233.31 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:47:00 Win2K-f 189.23.253.95 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1578 hits: 11-24 to 01-14] none[3] none:none
UPX| none trace

05:47:00 Win2K-f 190.246.184.107 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1808 hits: 11-22 to 01-14] none[3] none:none
UPX| none trace

T:05:51:00 Win2K-f 86.0.0.139 (NTL.COM):
NTLI,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:499 hits: 11-26 to 01-14] none[3] none:none
Armadillo| none trace

T:05:56:00 Win2K-f 125.68.83.89 (163DATA.COM.CN):
CHINANET SICHUAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:719 hits: 11-21 to 01-14] none[3] none:none
StarForce| none trace

T:06:06:00 Win2K-f 190.141.138.87 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1578 hits: 11-24 to 01-14] none[3] none:none
UPX| none trace

T:06:09:00 Win2K-f 89.47.241.6 (SMANET.RO):
JUMP NETWORK SERVICES S.R.L,
RO. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1578 hits: 11-24 to 01-14] none[3] none:none
UPX| none trace

06:10:00 Win2K-f 190.136.131.113 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:13:00 Win2K-f 77.21.209.89 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:18:00 Win2K-f 219.81.230.228 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:24:00 Win2K-f 62.23.197.59 (-):
MAGNETI-MARELLI,
FR. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:26:00 Win2K-f 218.160.211.207 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:30:00 Win2K-f 221.125.233.31 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:34:00 Win2K-f 212.122.161.38 (FREE.GOVERNMENT.BG):
BULGARIAN GOVERNMENT NETWORK,
SOFIA, SOFIYA, BG. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:34:00 Win2K-f 78.37.66.94 (LSI.RU):
OJSC NORTH-WEST TELECOM,
RU. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:46:00 Win2K-f 218.160.211.207 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:48:00 Win2K-f 94.25.137.183 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:50:00 Win2K-f 203.117.68.27 (MYSTARHUB.COM.SG):
STARHUBINTERNET,
SINGAPORE, SINGAPORE, SG. 203.117.68.27:3216 203.117.68.27:1842 203.117.68.27:4051 203.117.68.27:2435 203.117.68.27:4674 203.117.68.27:3067 US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:56:00 Win2K-f 69.15.231.234 (BANKERSX.COM):
CBEYOND COMMUNICATIONS LLC,
ATLANTA, GEORGIA, US. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:56:00 Win2K-f 212.122.161.38 (FREE.GOVERNMENT.BG):
BULGARIAN GOVERNMENT NETWORK,
SOFIA, SOFIYA, BG. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:57:00 Win2K-f 122.122.159.158 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:59:00 Win2K-f 203.117.68.27 (MYSTARHUB.COM.SG):
STARHUBINTERNET,
SINGAPORE, SINGAPORE, SG. 203.117.68.27:1370 203.117.68.27:3585 203.117.68.27:1966 203.117.68.27:3930 203.117.68.27:2320 203.117.68.27:4274 203.117.68.27:2685 203.117.68.27:4681 203.117.68.27:3033 203.117.68.27:1195 203.117.68.27:3388 203.117.68.27:1554 US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:00:00 Win2K-f 125.85.41.191 (163DATA.COM.CN):
CHINANET CHONGQING PROVINCE NETWORK,
CHONGQING, CHONGQING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:830 hits: 11-22 to 01-14] none[3] none:none
UPX| none trace

07:08:00 Win2K-f 92.40.47.20 (IKBCC.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:499 hits: 11-26 to 01-14] none[3] none:none
Armadillo| none trace

07:25:00 Win2K-f 61.47.61.204 (ICSPACE.NET):
PACIFIC INTERNET THAILAND,
TH. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:29:00 Win2K-f 69.15.231.234 (BANKERSX.COM):
CBEYOND COMMUNICATIONS LLC,
ATLANTA, GEORGIA, US. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:32:00 Win2K-f 122.125.201.179 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:42:00 Win2K-f 122.125.201.179 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:50:00 Win2K-f 220.141.46.117 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:719 hits: 11-21 to 01-14] none[3] none:none
StarForce| none trace

07:52:00 Win2K-f 93.92.126.218 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:59:00 Win2K-f 59.115.53.211 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:00:00 Win2K-f 201.23.222.18 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:499 hits: 11-26 to 01-14] none[3] none:none
Armadillo| none trace

08:09:00 Win2K-f 70.38.78.117 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:13:00 Win2K-f 201.216.216.42 (IPLANNETWORKS.NET):
NSS S.A,
ROSARIO, SANTA FE, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:830 hits: 11-22 to 01-14] none[3] none:none
UPX| none trace

T:08:14:00 Win2K-f 95.104.59.120 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:31:00 Win2K-f 122.122.159.158 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:37:00 Win2K-f 77.20.31.45 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:39:00 Win2K-f 86.6.121.32 (NTL.COM):
NTLI,
UK. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:40:00 Win2K-f 95.104.59.120 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:43:00 Win2K-f 190.64.8.89 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. (DIAL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:719 hits: 11-21 to 01-14] none[3] none:none
StarForce| none trace

08:58:00 Win2K-f 190.153.64.188 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 139 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 507252387e
[Firefox:50 hits: 11-27 to 01-10] none[3] none:none
UPX| none trace

T:08:58:00 Win2K-f 190.64.8.89 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. (DIAL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:719 hits: 11-21 to 01-14] none[3] none:none
StarForce| none trace

09:01:00 Win2K-f 200.123.133.83 (IPLANNETWORKS.NET):
NSS S.A,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:03:00 Win2K-f 140.113.65.134 (NTU.EDU.TW):
TAIWAN ACADEMIC NETWORK,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:07:00 WinXP 85.197.157.254 (BIKAB.COM):
BREDBAND I KRISTIANSTAD AB - ABK CUSTOMERS,
KRISTIANSTAD, SKANE, SE. 89.208.35.28:80 HK:proxim.ircgalaxy.pl
RU:citi-bank.ru
HK:58.65.232.35:65520 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 34 of 36 9bb68450cd
[Firefox:27 hits: 10-26 to 01-11] c2d5ac2315 [0] ASM:Graph
PolyEnE| lines=73
embedded dns trace

09:10:00 Win2K-f 67.101.42.228 (COVAD.NET):
COVAD COMMUNICATIONS CO,
SAN FRANCISCO, CALIFORNIA, US. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:15:00 Win2K-f 190.54.131.193 (CHILESAT.NET):
TELMEX SERVICIOS EMPRESARIALES S.A,
CL. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1578 hits: 11-24 to 01-14] none[3] none:none
UPX| none trace

T:09:16:00 Win2K-f 200.123.133.83 (IPLANNETWORKS.NET):
NSS S.A,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:18:00 Win2K-f 190.55.182.132 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1578 hits: 11-24 to 01-14] none[3] none:none
UPX| none trace

T:09:25:00 Win2K-f 123.195.254.166 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:30:00 Win2K-f 201.254.33.7 (COM.AR):
TELEFONICA DE ARGENTINA,
BAHIA BLANCA, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:33:00 Win2K-f 195.62.234.148 (VOIP.EUTELIA.IT):
EDISONTEL,
IT. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:42:00 Win2K-f 190.153.64.188 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 139 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 507252387e
[Firefox:50 hits: 11-27 to 01-10] none[3] none:none
UPX| none trace

T:09:42:00 Win2K-f 58.20.192.204 (-):
CNC GROUP HUNAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:54:00 Win2K-f 77.20.31.45 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:05:00 Win2K-f 186.9.48.74 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:499 hits: 11-26 to 01-14] none[3] none:none
Armadillo| none trace

10:17:00 Win2K-f 196.43.78.121 (TTCLDATA.NET):
AFRINIC,
DAR ES SALAAM, DAR ES SALAAM, TZ. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 3862324588
[Firefox:150 hits: 11-29 to 01-14] none[3] none:none
UPX| none trace

T:10:34:00 Win2K-f 85.152.228.99 (CM-85-152-232-10.TELECABLE.ES):
TELECABLE,
AVILES, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:35:00 Win2K-f 190.0.139.156 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. (DIAL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1578 hits: 11-24 to 01-14] none[3] none:none
UPX| none trace

10:36:00 Win2K-f 95.81.199.12 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:37:00 Win2K-f 84.3.28.46 (T-ONLINE.HU):
HUNGARIAN TELECOM,
SZEGED, CSONGRAD, HU. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:52:00 Win2K-f 190.50.183.29 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:418 hits: 11-25 to 01-14] none[3] none:none
Armadillo| none trace

T:10:53:00 Win2K-f 94.50.174.53 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:54:00 Win2K-f 195.62.234.148 (VOIP.EUTELIA.IT):
EDISONTEL,
IT. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:01:00 Win2K-f 84.3.28.46 (T-ONLINE.HU):
HUNGARIAN TELECOM,
SZEGED, CSONGRAD, HU. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:08:00 Win2K-f 212.119.180.26 (-):
TECHCENTRE RTS IN SAINT PETERSBURG,
ST. PETERSBURG, SANKT-PETERBURG, RU. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 139 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:12:00 Win2K-f 190.50.183.29 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:418 hits: 11-25 to 01-14] none[3] none:none
Armadillo| none trace

11:16:00 Win2K-f 190.220.108.130 (-):
. n/a 445 pcap raw alerts
ruleset http
1 line Argh : 0.3
profile none summary
tarball none none none none none none none

T:11:29:00 Win2K-f 61.216.119.31 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:40:00 Win2K-f 82.66.104.77 (PROXAD.NET):
PROXAD / FREE SAS,
GENNEVILLIERS, ILE-DE-FRANCE, FR. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:43:00 Win2K-f 61.216.119.31 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:46:00 Win2K-f 93.110.8.126 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:64.246.48.99:80
US:75.126.138.202:80
93.110.8.126:8349 139 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:53:00 Win2K-f 190.55.182.132 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1578 hits: 11-24 to 01-14] none[3] none:none
UPX| none trace

T:12:04:00 Win2K-f 190.173.214.106 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:933 hits: 11-30 to 01-14] none[3] none:none
StarForce| none trace

12:16:00 Win2K-f 77.29.188.25 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 4 of 37 4e6c4dd8b1
[Firefox:47 hits: 11-25 to 01-13] none[3] none:none
StarForce| none trace

T:12:18:00 Win2K-f 190.254.43.98 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 139 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:23:00 Win2K-f 200.123.4.61 (SODEXHO-PERU.COM):
DIGITAL WAY S.A,
LIMA, LIMA, PE. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1578 hits: 11-24 to 01-14] none[3] none:none
UPX| none trace

T:12:25:00 Win2K-f 81.105.10.9 (NTL.COM):
NTL INFRASTRUCTURE - LUTON,
CAMBERLEY, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:29:00 Win2K-f 88.117.125.216 (TELEKOM.AT):
HIGHWAY CUSTOMERS,
VIENNA, WIEN, AT. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:32:00 Win2K-f 85.121.189.238 (RNC.RO):
RNC,
RO. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:499 hits: 11-26 to 01-14] none[3] none:none
Armadillo| none trace

T:12:34:00 Win2K-f 85.120.225.130 (AITEL.RO):
SC AIETES TELECOM FILIALA TULCEA SRL,
GALATI, GALATI, RO. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:830 hits: 11-22 to 01-14] none[3] none:none
UPX| none trace

T:12:37:00 WinXP 83.172.92.227 (LIDNET.NET):
SHE BREDBAND AB,
UPPSALA, UPPSALA, SE. n/a 445 pcap raw alerts
ruleset shell
ftp
13 lines Yeah : 0.8
profile none summary
tarball 37 of 39 1c74ea0034
NEW 109ad04130 [0] ASM:Graph
none|none lines=58 trace

12:40:00 Win2K-f 190.153.64.188 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
190.153.64.188:9109
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 139 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 507252387e
[Firefox:50 hits: 11-27 to 01-10] none[3] none:none
UPX| none trace

T:13:00:00 Win2K-f 122.121.157.140 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:18:00 Win2K-f 190.137.38.22 (NET.AR):
TELECOM ARGENTINA S.A,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 216ec67841
[Firefox:211 hits: 11-20 to 01-13] none[3] none:none
StarForce| none trace

13:19:00 Win2K-f 80.76.128.186 (SAMARA.RU):
TETRA-SAMARA,
RU. n/a US:www.maxmind.com
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:25:00 Win2K-f 82.66.104.77 (PROXAD.NET):
PROXAD / FREE SAS,
GENNEVILLIERS, ILE-DE-FRANCE, FR. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:28:00 Win2K-f 78.40.55.80 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
EU:78.40.55.80:9952 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:34:00 Win2K-f 190.90.198.175 (EQUITEL.COM.CO):
INTERNEXA S.A. E.S.P,
CO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:38:00 Win2K-f 76.10.27.48 (PAVLOVMEDIA.COM):
VILLAGE AT CHANDLER CROSSING,
EAST LANSING, MICHIGAN, US. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:40:00 Win2K-f 81.105.10.9 (NTL.COM):
NTL INFRASTRUCTURE - LUTON,
CAMBERLEY, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:43:00 Win2K-f 82.66.104.77 (PROXAD.NET):
PROXAD / FREE SAS,
GENNEVILLIERS, ILE-DE-FRANCE, FR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:48:00 Win2K-f 62.90.213.7 (BARAK.NET.IL):
ABU AYOUB ROZLIN,
TEL AVIV, TEL AVIV, IL. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:51:00 Win2K-f 65.64.181.60 (SUNFLOWER.NET):
SUNFLOWER ELEC,
OTTAWA, KANSAS, US. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:01:00 WinXP 85.197.157.254 (BIKAB.COM):
BREDBAND I KRISTIANSTAD AB - ABK CUSTOMERS,
KRISTIANSTAD, SKANE, SE. n/a HK:proxim.ircgalaxy.pl
RU:citi-bank.ru
HK:58.65.232.35:65520
RU:89.208.35.28:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 34 of 36 9bb68450cd
[Firefox:27 hits: 10-26 to 01-11] c2d5ac2315 [0] ASM:Graph
PolyEnE| lines=73
embedded dns trace

T:14:02:00 Win2K-f 124.8.61.153 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:02:00 Win2K-f 201.173.38.32 (IFXNW.COM.MX):
NETWORK INFORMATION CENTER MEXICO,
MX. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:933 hits: 11-30 to 01-14] none[3] none:none
StarForce| none trace

14:04:00 Win2K-f 190.137.38.22 (NET.AR):
TELECOM ARGENTINA S.A,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 216ec67841
[Firefox:211 hits: 11-20 to 01-13] none[3] none:none
StarForce| none trace

T:14:04:00 Win2K-f 208.84.206.171 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:12:00 Win2K-f 190.90.198.175 (EQUITEL.COM.CO):
INTERNEXA S.A. E.S.P,
CO. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:14:00 Win2K-f 208.84.206.171 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:16:00 Win2K-f 190.51.185.208 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:499 hits: 11-26 to 01-14] none[3] none:none
Armadillo| none trace

14:19:00 Win2K-f 200.87.166.21 (ORION.PNUD.BO):
ENTEL S.A. - ENTELNET,
COCHABAMBA, COCHABAMBA, BO. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:31:00 Win2K-f 119.111.109.71 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:32:00 Win2K-f 190.51.159.79 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1578 hits: 11-24 to 01-14] none[3] none:none
UPX| none trace

14:43:00 Win2K-f 84.73.23.213 (HISPEED.CH):
CABLECOMMAIN-NET,
ZURICH, ZURICH, CH. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:45:00 Win2K-f 80.76.128.186 (SAMARA.RU):
TETRA-SAMARA,
RU. n/a US:www.maxmind.com
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:50:00 Win2K-f 190.0.75.46 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1578 hits: 11-24 to 01-14] none[3] none:none
UPX| none trace

14:54:00 Win2K-f 200.106.189.186 (SUPERCABLETV.NET.CO):
SUPERCABLE TELECOMUNICACIONES,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:57:00 Win2K-f 85.120.225.130 (AITEL.RO):
SC AIETES TELECOM FILIALA TULCEA SRL,
GALATI, GALATI, RO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:830 hits: 11-22 to 01-14] none[3] none:none
UPX| none trace

T:14:58:00 Win2K-f 61.19.252.155 (THAITSUNAMI.COM):
CAT TELECOM DATA COMM. DEPT INTRENET OFFICE,
TH. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:197 hits: 12-19 to 01-14] none[3] none:none
MEW| none trace

T:15:00:00 Win2K-f 74.41.206.99 (FRONTIERNET.NET):
FRONTIER COMMUNICATIONS OF AMERICA INC,
US. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:06:00 Win2K-f 190.0.75.46 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

15:19:00 Win2K-f 61.19.252.155 (THAITSUNAMI.COM):
CAT TELECOM DATA COMM. DEPT INTRENET OFFICE,
TH. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:197 hits: 12-19 to 01-14] none[3] none:none
MEW| none trace

T:15:21:00 Win2K-f 212.104.174.223 (BUSINESS.TELECOMITALIA.IT):
PROVIDER LOCAL REGISTRY,
IT. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:22:00 Win2K-f 190.24.120.197 (ETB.NET.CO):
ETB - COLOMBIA,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:25:00 Win2K-f 212.104.174.223 (BUSINESS.TELECOMITALIA.IT):
PROVIDER LOCAL REGISTRY,
IT. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:32:00 Win2K-f 116.214.24.132 (TULIPCONNECT.COM):
IPVPN/INTERNET SERVICE PROVIDER,
IN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:42:00 Win2K-f 200.29.143.82 (-):
JORGE HILL PARRA,
CL. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1578 hits: 11-24 to 01-14] none[3] none:none
UPX| none trace

T:15:48:00 Win2K-f 200.71.98.186 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:48:00 Win2K-f 200.29.143.78 (-):
JORGE HILL PARRA,
CL. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 216ec67841
[Firefox:211 hits: 11-20 to 01-13] none[3] none:none
StarForce| none trace

15:48:00 Win2K-f 78.40.55.80 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:55:00 Win2K-f 60.50.238.42 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:499 hits: 11-26 to 01-14] none[3] none:none
Armadillo| none trace

15:57:00 Win2K-f 70.64.138.118 (GASOC.COM):
SHAW COMMUNICATIONS INC,
SASKATOON, SASKATCHEWAN, CA. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:59:00 Win2K-f 200.112.137.213 (NET.AR):
BROADBANDTECH S. A,
MENDOZA, MENDOZA, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1808 hits: 11-22 to 01-14] none[3] none:none
UPX| none trace

16:01:00 Win2K-f 200.29.143.82 (-):
JORGE HILL PARRA,
CL. (100Mbps) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1578 hits: 11-24 to 01-14] none[3] none:none
UPX| none trace

16:05:00 Win2K-f 194.54.59.78 (KABLONET.COM.TR):
CABLE OPERATOR NETWORK OF TURK TELEKOM,
ESKISEHIR, ESKISEHIR, TR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:06:00 Win2K-f 210.192.217.52 (TTN.NET):
TAIWAN TELECOMMUNICATION NETWORK SERVICES CO. LTD,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
TW:210.192.217.52:5168
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:10:00 Win2K-f 76.10.27.48 (PAVLOVMEDIA.COM):
VILLAGE AT CHANDLER CROSSING,
EAST LANSING, MICHIGAN, US. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:12:00 Win2K-f 84.73.23.213 (HISPEED.CH):
CABLECOMMAIN-NET,
ZURICH, ZURICH, CH. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:25:00 Win2K-f 200.113.174.50 (CUST.TIE.CL):
TELEFONICA EMPRESAS,
CL. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:30:00 Win2K-f 190.68.77.26 (TELECOM.COM.CO):
COLOMBIA TELECOMUNICACIONES S.A. ESP,
CO. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:32:00 Win2K-f 213.79.97.139 (NET.PL):
PROVIDER LOCAL REGISTRY,
LUBLIN, LUBELSKIE, PL. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 139 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:32:00 Win2K-f 122.125.103.95 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:36:00 Win2K-f 190.48.219.246 (COM.AR):
TELEFONICA DE ARGENTINA,
MAR DEL PLATA, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:933 hits: 11-30 to 01-14] none[3] none:none
StarForce| none trace

16:38:00 Win2K-f 61.94.213.61 (TELKOM.NET.ID):
PT TELKOM INDONESIA,
ID. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

16:39:00 Win2K-f 190.48.219.246 (COM.AR):
TELEFONICA DE ARGENTINA,
MAR DEL PLATA, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:933 hits: 11-30 to 01-14] none[3] none:none
StarForce| none trace

16:43:00 Win2K-f 190.0.65.38 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1578 hits: 11-24 to 01-14] none[3] none:none
UPX| none trace

T:16:43:00 Win2K-f 59.114.135.96 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:52:00 Win2K-f 203.77.62.189 (GCN.NET.TW):
GLOBAL COMMUNICATION NETWORK CORP,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:53:00 Win2K-f 58.68.100.83 (-):
DWL-SIKKANET-LUCKNOW,
LUCKNOW, UTTAR PRADESH, IN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:59:00 Win2K-f 190.0.65.38 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
DO:190.0.65.38:6053
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 9 of 39 5e20cb3a38
NEW none[3] none:none
UPX| none trace

17:01:00 Win2K-f 58.68.100.83 (-):
DWL-SIKKANET-LUCKNOW,
LUCKNOW, UTTAR PRADESH, IN. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:01:00 Win2K-f 190.153.120.116 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
6 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:04:00 Win2K-f 190.245.42.20 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1578 hits: 11-24 to 01-14] none[3] none:none
UPX| none trace

17:09:00 Win2K-f 187.31.42.144 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:21:00 Win2K-f 24.86.102.99 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
BURNABY, BRITISH COLUMBIA, CA. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:26:00 Win2K-f 161.53.125.15 (FESB.HR):
UNIVERSITY COMPUTING CENTRE,
ZAGREB, GRAD ZAGREB, HR. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:197 hits: 12-19 to 01-14] none[3] none:none
MEW| none trace

T:17:26:00 Win2K-f 194.8.75.159 (LIX.LV):
LAST RESORT LOCAL REGISTRY,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1808 hits: 11-22 to 01-14] none[3] none:none
UPX| none trace

17:27:00 Win2K-f 74.41.206.99 (FRONTIERNET.NET):
FRONTIER COMMUNICATIONS OF AMERICA INC,
US. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:36:00 Win2K-f 211.74.167.202 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:41:00 Win2K-f 123.204.116.14 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:42:00 Win2K-f 218.75.13.106 (-):
XIANJU DONGFANG HOTEL,
DONGFANG, ZHEJIANG, CN. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:43:00 Win2K-f 71.96.27.29 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
GARLAND, TEXAS, US. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:47:00 Win2K-f 211.241.184.78 (KRLINE.NET):
KRNIC,
KR. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset lanman
http
29 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:48:00 Win2K-f 186.9.144.107 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:59:00 Win2K-f 201.69.137.201 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:18:00:00 Win2K-f 190.24.120.197 (ETB.NET.CO):
ETB - COLOMBIA,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:07:00 Win2K-f 203.77.62.189 (GCN.NET.TW):
GLOBAL COMMUNICATION NETWORK CORP,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:09:00 Win2K-f 211.241.184.78 (KRLINE.NET):
KRNIC,
KR. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:12:00 Win2K-f 190.50.115.39 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:14:00 Win2K-f 59.104.72.123 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:16:00 Win2K-f 118.98.176.68 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:20:00 Win2K-f 201.172.200.91 (INTERCABLE.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MONTERREY, NUEVO LEON, MX. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:933 hits: 11-30 to 01-14] none[3] none:none
StarForce| none trace

T:18:28:00 Win2K-f 123.204.174.113 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:30:00 Win2K-f 94.102.6.221 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:30:00 Win2K-f 121.78.71.2 (-):
KINXINC,
SEOUL, KYONGGI-DO, KR. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:34:00 Win2K-f 190.245.42.20 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1578 hits: 11-24 to 01-14] none[3] none:none
UPX| none trace

18:40:00 Win2K-f 59.104.72.123 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:47:00 Win2K-f 125.99.158.53 (HATHWAY.COM):
HATHWAY IP OVER CABLE INTERNET ACCESS SERVICE,
MUMBAI, MAHARASHTRA, IN. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:49:00 Win2K-f 117.68.53.16 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:53:00 Win2K-f 59.124.11.166 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:55:00 Win2K-f 61.178.26.115 (163DATA.COM.CN):
GANSU LANZHOU AREA NET CLUB,
GANSU, GANSU, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 38 c645a73bd2
[Firefox: 4 hits: 12-22 to 01-08] none[3] none:none
tElock| none trace

18:59:00 Win2K-f 123.204.174.113 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:04:00 Win2K-f 210.61.170.50 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:13:00 Win2K-f 60.178.52.109 (163DATA.COM.CN):
CHINANET-ZJ NINGBO NODE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:499 hits: 11-26 to 01-14] none[3] none:none
Armadillo| none trace

19:14:00 Win2K-f 59.114.246.175 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:21:00 Win2K-f 125.99.158.53 (HATHWAY.COM):
HATHWAY IP OVER CABLE INTERNET ACCESS SERVICE,
MUMBAI, MAHARASHTRA, IN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:23:00 Win2K-f 164.58.144.147 (-):
HOMINY PUBLIC LIBRARY,
HOMINY, OKLAHOMA, US. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:25:00 Win2K-f 200.120.227.139 (VTR.NET):
VTR BANDA ANCHA S.A,
SANTIAGO, REGION METROPOLITANA, CL. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:26:00 Win2K-f 200.80.183.218 (TECHTELNET.NET):
TECHTEL LMDS COMUNICACIONES INTERACTIVAS S.A,
AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:29:00 Win2K-f 70.74.118.51 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:933 hits: 11-30 to 01-14] none[3] none:none
StarForce| none trace

T:19:29:00 Win2K-f 190.0.72.110 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1578 hits: 11-24 to 01-14] none[3] none:none
UPX| none trace

T:19:35:00 Win2K-f 70.70.26.112 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CHILLIWACK, BRITISH COLUMBIA, CA. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:499 hits: 11-26 to 01-14] none[3] none:none
Armadillo| none trace

19:36:00 Win2K-f 203.104.84.15 (EASYCALL.COM.PH):
EASYCALL COMMUNICATIONS PHILIPPINES INC,
MANDALUYONG CITY, MANILA, PH. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:933 hits: 11-30 to 01-14] none[3] none:none
StarForce| none trace

19:39:00 Win2K-f 164.58.144.147 (-):
HOMINY PUBLIC LIBRARY,
HOMINY, OKLAHOMA, US. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:41:00 Win2K-f 125.127.160.20 (163DATA.COM.CN):
CHINANET-ZJ TAIZHOU NODE NETWORK,
CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:933 hits: 11-30 to 01-14] none[3] none:none
StarForce| none trace

19:46:00 Win2K-f 118.98.176.68 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:47:00 Win2K-f 203.104.84.15 (EASYCALL.COM.PH):
EASYCALL COMMUNICATIONS PHILIPPINES INC,
MANDALUYONG CITY, MANILA, PH. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:933 hits: 11-30 to 01-14] none[3] none:none
StarForce| none trace

T:19:47:00 Win2K-f 125.84.84.144 (163DATA.COM.CN):
CHINANET CHONGQING PROVINCE NETWORK,
CHONGQING, CHONGQING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:499 hits: 11-26 to 01-14] none[3] none:none
Armadillo| none trace

T:19:58:00 Win2K-f 161.53.125.15 (FESB.HR):
UNIVERSITY COMPUTING CENTRE,
ZAGREB, GRAD ZAGREB, HR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
HR:161.53.125.15:7542
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:197 hits: 12-19 to 01-14] none[3] none:none
MEW| none trace

20:04:00 Win2K-f 114.44.200.141 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:418 hits: 11-25 to 01-14] none[3] none:none
Armadillo| none trace

T:20:07:00 Win2K-f 59.125.210.63 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:10:00 Win2K-f 221.125.227.43 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HK. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:14:00 Win2K-f 61.95.250.183 (MANTRAONLINE.COM):
ROUTER LAN FOR DELHI POP,
DELHI, DELHI, IN. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:15:00 Win2K-f 93.97.20.68 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1808 hits: 11-22 to 01-14] none[3] none:none
UPX| none trace

20:22:00 Win2K-f 121.78.71.2 (-):
KINXINC,
SEOUL, KYONGGI-DO, KR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:27:00 Win2K-f 208.83.212.11 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:418 hits: 11-25 to 01-14] none[3] none:none
Armadillo| none trace

T:20:30:00 Win2K-f 59.124.165.106 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:32:00 Win2K-f 186.9.24.49 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 216ec67841
[Firefox:211 hits: 11-20 to 01-13] none[3] none:none
StarForce| none trace

20:33:00 Win2K-f 114.45.97.74 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:41:00 Win2K-f 209.8.247.77 (CAIS.NET):
BEYOND THE NETWORK AMERICA INC,
WASHINGTON, DISTRICT OF COLUMBIA, US. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:719 hits: 11-21 to 01-14] none[3] none:none
StarForce| none trace

20:42:00 Win2K-f 201.172.219.57 (INTERCABLE.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MONTERREY, NUEVO LEON, MX. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:933 hits: 11-30 to 01-14] none[3] none:none
StarForce| none trace

T:20:47:00 Win2K-f 190.220.87.119 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:47:00 Win2K-f 220.139.203.148 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:49:00 Win2K-f 60.198.6.201 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1808 hits: 11-22 to 01-14] none[3] none:none
UPX| none trace

21:00:00 Win2K-f 119.96.67.188 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1808 hits: 11-22 to 01-14] none[3] none:none
UPX| none trace

T:21:03:00 Win2K-f 119.86.180.55 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:05:00 Win2K-f 210.192.204.95 (TTN.NET):
TAIWAN TELECOMMUNICATION NETWORK SERVICES CO. LTD,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:11:00 Win2K-f 119.96.67.188 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1808 hits: 11-22 to 01-14] none[3] none:none
UPX| none trace

T:21:11:00 Win2K-f 123.195.9.98 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:12:00 Win2K-f 77.37.212.143 (NCNET.RU):
NCN-INFRA,
RU. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:15:00 Win2K-f 190.220.87.119 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:19:00 Win2K-f 114.45.97.74 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:19:00 Win2K-f 121.254.83.55 (TCOL.COM.TW):
MONAD DIGITNAMIC CORP,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:25:00 Win2K-f 58.253.23.152 (CNCNET.NET):
CNC GROUP GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:28:00 Win2K-f 58.253.23.152 (CNCNET.NET):
CNC GROUP GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:31:00 Win2K-f 61.59.63.192 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:31:00 Win2K-f 190.224.248.73 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1808 hits: 11-22 to 01-14] none[3] none:none
UPX| none trace

21:31:00 Win2K-f 210.21.68.9 (-):
GUANGZHOU-FUBUSI-CORP,
GUANGZHOU, GUANGDONG, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1578 hits: 11-24 to 01-14] none[3] none:none
UPX| none trace

T:21:40:00 Win2K-f 190.0.79.158 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:933 hits: 11-30 to 01-14] none[3] none:none
StarForce| none trace

21:48:00 Win2K-f 208.83.212.11 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:418 hits: 11-25 to 01-14] none[3] none:none
Armadillo| none trace

21:48:00 Win2K-f 118.232.16.145 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:53:00 Win2K-f 210.3.214.223 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:55:00 Win2K-f 210.192.204.95 (TTN.NET):
TAIWAN TELECOMMUNICATION NETWORK SERVICES CO. LTD,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:58:00 Win2K-f 79.101.63.4 (G-M-I.NET):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:499 hits: 11-26 to 01-14] none[3] none:none
Armadillo| none trace

22:00:00 Win2K-f 60.198.6.201 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1808 hits: 11-22 to 01-14] none[3] none:none
UPX| none trace

T:22:05:00 Win2K-f 123.145.167.116 (-):
CNCGROUP CHONGQING PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:09:00 Win2K-f 114.146.23.185 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:12:00 WinXP 122.45.188.42 (-):
POWERCOMM,
KR. 76.76.19.32:3921 :new.ifconfig.us 139 pcap raw alerts
ruleset ftp
irc
26 lines Yeah : 1.3
profile none summary
tarball 26 of 39 93e6c28518
NEW 8cc72c8a46 [0] ASM:Graph
ASPack| lines=3095
embedded dns trace

T:22:18:00 Win2K-f 116.6.20.69 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:29:00 Win2K-f 59.114.246.175 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:32:00 Win2K-f 87.97.233.172 (GGBIT.NET):
EKK CATV PLOVDIV,
PLOVDIV, PLOVDIV, BG. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:33:00 Win2K-f 92.61.179.134 (IKBCC.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:37:00 Win2K-f 117.80.33.6 (163DATA.COM.CN):
CHINANET JIANGSU PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:418 hits: 11-25 to 01-14] none[3] none:none
Armadillo| none trace

T:22:42:00 Win2K-f 87.118.141.214 (PC-LINK.NET):
INTERNET SERVICE PROVIDER,
BG. (DIAL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:43:00 Win2K-f 77.20.15.112 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:933 hits: 11-30 to 01-14] none[3] none:none
StarForce| none trace

T:22:46:00 Win2K-f 190.224.248.73 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1808 hits: 11-22 to 01-14] none[3] none:none
UPX| none trace

T:22:54:00 Win2K-f 196.44.2.134 (BDAY.CO.ZA):
AFRINIC,
JOHANNESBURG, GAUTENG, ZA. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:55:00 Win2K-f 119.130.179.39 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1578 hits: 11-24 to 01-14] none[3] none:none
UPX| none trace

T:22:56:00 Win2K-f 59.121.128.66 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:58:00 Win2K-f 196.44.2.134 (BDAY.CO.ZA):
AFRINIC,
JOHANNESBURG, GAUTENG, ZA. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:58:00 Win2K-f 59.120.173.211 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. (DIAL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:02:00 Win2K-f 118.232.16.145 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:18:00 Win2K-f 75.125.125.36 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:21:00 Win2K-f 190.141.181.114 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:24:00 Win2K-f 190.55.211.213 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:27:00 Win2K-f 123.204.166.238 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:29:00 Win2K-f 122.118.212.193 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:29:00 Win2K-f 190.55.211.213 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:37:00 Win2K-f 123.204.166.238 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:37:00 Win2K-f 117.23.14.50 (163DATA.COM.CN):
CHINANET SHANXI(SN) PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:49:00 Win2K-f 190.81.111.133 (TELMEX.COM.PE):
TELMEX PERU S.A,
PE. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:55:00 Win2K-f 189.57.16.2 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17319 hits: 11-20 to 01-14] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace