Multiperspective Malware Analysis Page

Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

18 January 2009
<prev> <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]

Time
Victim
OS
Infection
Source
C&C
Server
DNS Lookups &
Failed Connects Infection
Port
Packet
Trace
Detection
Signatures
Infection
Chatter
BotHunter
Analysis
Behavioral
Cluster
Forensic
Logs
Antivirus
Labels
Packed Malware_Binary Unpacked egg.exe
Unpacked egg.asm
Packer PEID
Data Strings
Syscall Trace

00:16:00 Win2K-f 118.232.46.230 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:19:00 Win2K-f 218.163.169.179 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:27:00 Win2K-f 114.47.5.21 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:28:00 Win2K-f 218.160.235.29 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:34:00 Win2K-f 219.95.33.198 (TM.NET.MY):
ADSL-STREAMYX-TMNET,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 9 of 39 83a49f8685
NEW none[3] none:none
StarForce| none trace

T:00:35:00 Win2K-f 119.0.100.73 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:37:00 Win2K-f 210.3.220.94 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:41:00 Win2K-f 74.52.198.66 (THEPLANET.COM):
THEPLANET.COM INTERNET SERVICES INC,
DALLAS, TEXAS, US. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1848 hits: 11-22 to 01-17] none[3] none:none
UPX| none trace

00:42:00 Win2K-f 190.56.166.234 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:53:00 Win2K-f 218.163.169.179 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:57:00 Win2K-f 114.47.5.21 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:01:00 Win2K-f 218.160.235.29 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:14:00 Win2K-f 200.123.122.163 (TECHTELNET.NET):
TECHTEL LMDS COMUNICACIONES INTERACTIVAS S.A,
MAR DEL PLATA, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:17:00 Win2K-f 66.90.104.52 (MM-NEWS.NET):
FDC SERVERS.NET LLC,
RALEIGH, NORTH CAROLINA, US. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:21:00 Win2K-f 118.98.178.98 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:23:00 Win2K-f 219.86.225.140 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:23:00 Win2K-f 59.112.242.83 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:34:00 Win2K-f 201.255.123.156 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:35:00 Win2K-f 61.56.166.31 (UBBN.NET):
UNION CABLE TV CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 216ec67841
[Firefox:221 hits: 11-20 to 01-17] none[3] none:none
StarForce| none trace

T:01:38:00 Win2K-f 74.52.198.66 (THEPLANET.COM):
THEPLANET.COM INTERNET SERVICES INC,
DALLAS, TEXAS, US. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1848 hits: 11-22 to 01-17] none[3] none:none
UPX| none trace

T:01:45:00 Win2K-f 118.171.161.204 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:49:00 Win2K-f 114.44.144.226 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:51:00 Win2K-f 122.125.228.11 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:54:00 Win2K-f 59.112.52.67 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1848 hits: 11-22 to 01-17] none[3] none:none
UPX| none trace

T:02:02:00 Win2K-f 59.116.45.111 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:03:00 Win2K-f 220.136.82.85 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:15:00 Win2K-f 38.102.0.42 (COGENTCO.COM):
PERFORMANCE SYSTEMS INTERNATIONAL INC,
WASHINGTON, DISTRICT OF COLUMBIA, US. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:17:00 Win2K-f 114.44.144.226 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:18:00 Win2K-f 203.118.234.139 (-):
GRAND TAINAN TECHNOLOGY CO.LTD,
TAINAN, KAO-HSIUNG, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:26:00 Win2K-f 200.112.143.201 (NET.AR):
BROADBANDTECH S. A,
MENDOZA, MENDOZA, AR. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1848 hits: 11-22 to 01-17] none[3] none:none
UPX| none trace

02:28:00 Win2K-f 58.254.107.80 (CNCNET.NET):
CNC GROUP GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:33:00 Win2K-f 123.52.69.212 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
HENAN, GUIZHOU, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:40:00 Win2K-f 61.191.113.57 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:50:00 Win2K-f 203.70.53.86 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:743 hits: 11-21 to 01-17] none[3] none:none
StarForce| none trace

02:52:00 Win2K-f 61.59.12.194 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:00:00 Win2K-f 83.2.230.193 (TPNET.PL):
TPSA,
PL. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:04:00 Win2K-f 77.58.30.137 (SOLPA.NET):
CABLECOM,
CH. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:10:00 Win2K-f 119.77.241.7 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:12:00 Win2K-f 137.30.254.75 (UNO.EDU):
UNIVERSITY OF NEW ORLEANS,
NEW ORLEANS, LOUISIANA, US. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:17:00 Win2K-f 211.24.141.125 (TIME.NET.MY):
TIME TELECOMMUNICATIONS SDN BHD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:20:00 Win2K-f 114.121.126.28 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:969 hits: 11-30 to 01-17] none[3] none:none
StarForce| none trace

03:30:00 Win2K-f 222.89.221.247 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:39:00 Win2K-f 66.90.118.155 (COCAINA.CC):
FDC SERVERS.NET LLC,
CHICAGO, ILLINOIS, US. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:43:00 Win2K-f 203.94.231.61 (-):
MAHANAGAR TELEPHONE NIGAM LTD. ISP DIVISION NEW DELHI,
DELHI, DELHI, IN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:46:00 Win2K-f 124.8.120.76 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:56:00 Win2K-f 116.29.250.81 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:18:00 Win2K-f 118.166.143.120 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:21:00 Win2K-f 208.100.250.215 (1DIAL.COM):
AD-BASE SYSTEMS INC. (DBA GLOBALPOPS),
PITTSBURGH, PENNSYLVANIA, US. (DIAL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:23:00 Win2K-f 114.44.224.85 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:32:00 Win2K-f 221.125.118.136 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HK. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:32:00 Win2K-f 114.121.126.28 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:969 hits: 11-30 to 01-17] none[3] none:none
StarForce| none trace

04:35:00 Win2K-f 190.105.19.148 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:47:00 Win2K-f 221.169.188.118 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:57:00 Win2K-f 189.124.190.4 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:04:00 Win2K-f 114.44.149.81 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:06:00 Win2K-f 220.102.185.38 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:436 hits: 11-25 to 01-17] none[3] none:none
Armadillo| none trace

05:06:00 Win2K-f 220.114.130.21 (-):
FOR GREAT WALL BROADBAND NETWORK SERVICE ACCESS IN HEFEI ANHUI PROVINCE,
HEFEI, ANHUI, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:743 hits: 11-21 to 01-17] none[3] none:none
StarForce| none trace

05:07:00 Win2K-f 219.87.224.119 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:15:00 Win2K-f 96.10.85.71 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
96.10.85.71:7840 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:22:00 Win2K-f 122.116.146.156 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:30:00 Win2K-f 78.31.59.134 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:30:00 Win2K-f 124.123.103.229 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:31:00 Win2K-f 61.217.186.197 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:38:00 Win2K-f 79.0.5.167 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA NET,
PESARO, MARCHE, IT. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:42:00 Win2K-f 124.8.120.76 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:44:00 Win2K-f 96.10.85.71 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:44:00 Win2K-f 221.125.118.136 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HK. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:45:00 Win2K-f 114.44.149.81 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:55:00 Win2K-f 190.108.6.44 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:436 hits: 11-25 to 01-17] none[3] none:none
Armadillo| none trace

T:06:02:00 Win2K-f 121.33.25.203 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:969 hits: 11-30 to 01-17] none[3] none:none
StarForce| none trace

T:06:02:00 Win2K-f 219.86.167.76 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:06:00 Win2K-f 78.31.59.134 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:12:00 Win2K-f 118.232.52.222 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:13:00 Win2K-f 189.124.190.4 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:24:00 Win2K-f 122.120.220.1 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:30:00 Win2K-f 220.114.130.21 (-):
FOR GREAT WALL BROADBAND NETWORK SERVICE ACCESS IN HEFEI ANHUI PROVINCE,
HEFEI, ANHUI, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:743 hits: 11-21 to 01-17] none[3] none:none
StarForce| none trace

06:35:00 Win2K-f 61.227.99.133 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:45:00 Win2K-f 94.102.6.232 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:57:00 Win2K-f 190.225.2.233 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:57:00 Win2K-f 114.44.224.85 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:06:00 Win2K-f 200.75.227.38 (CABLEONDA.NET):
CABLE ONDA,
PANAMA CITY, PANAMA, PA. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 6 of 37 13e15a653e
[Firefox:43 hits: 11-21 to 01-17] none[3] none:none
UPX| none trace

07:17:00 Win2K-f 118.166.143.120 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:27:00 Win2K-f 210.55.77.49 (QUICKER.NET.NZ):
WORLD-NET LIMITED,
AUCKLAND, AUCKLAND, NZ. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:34:00 Win2K-f 79.108.140.123 (G-M-I.NET):
EU-ZZ,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:36:00 Win2K-f 212.124.13.106 (-):
ALPES-NETWORKS,
FR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:48:00 Win2K-f 87.97.58.218 (INVITEL.HU):
VTH - ADSL PPPOE (DUNAU-ADSL0),
SZEKESFEHERVAR, FEJER, HU. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

07:51:00 Win2K-f 201.253.149.219 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 507252387e
[Firefox:55 hits: 11-27 to 01-16] none[3] none:none
UPX| none trace

T:07:54:00 WinXP 173.22.16.17 (-):
. n/a DE:siliconfireware.ru
US:searchportal.information.com
US:spi.domainsponsor.com
GB:new.egg.com
:wpad
GB:welcome3.smile.co.uk
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
http
http
http
42 lines Yeah : 0.8
profile none summary
tarball 29 of 29 a12cab51ef
[Firefox:371 hits: 05-01 to 12-25] none[0] none:none
ASPack| lines=281
embedded dns trace

07:56:00 Win2K-f 79.108.27.154 (G-M-I.NET):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

T:07:56:00 Win2K-f 122.126.50.90 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1848 hits: 11-22 to 01-17] none[3] none:none
UPX| none trace

08:05:00 Win2K-f 114.121.21.169 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:13:00 Win2K-f 212.124.13.106 (-):
ALPES-NETWORKS,
FR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:16:00 Win2K-f 190.24.34.122 (ETB.NET.CO):
ETB - COLOMBIA,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:21:00 Win2K-f 212.95.47.28 (-):
DEUTSCHES INTERNET-ZENTRUM AG,
DE. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1848 hits: 11-22 to 01-17] none[3] none:none
UPX| none trace

08:33:00 Win2K-f 125.224.150.93 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:42:00 Win2K-f 61.6.67.102 (BTL50.JARING.MY):
MIMOS BERHAD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:50:00 Win2K-f 190.220.49.30 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

09:13:00 Win2K-f 59.114.206.74 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:09:14:00 Win2K-f 66.96.207.33 (HOSTNOC.NET):
BURSTNET TECHNOLOGIES INC,
BLOOMSBURG, PENNSYLVANIA, US. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:18:00 Win2K-f 186.9.168.1 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:743 hits: 11-21 to 01-17] none[3] none:none
StarForce| none trace

T:09:24:00 Win2K-f 94.76.213.222 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:26:00 Win2K-f 114.43.164.220 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:33:00 Win2K-f 200.62.195.80 (TELMEX.COM.PE):
MENDOZA HUAMANI JESUS GUILLERMO,
LIMA, LIMA, PE. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:41:00 Win2K-f 94.76.213.222 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:45:00 Win2K-f 189.97.206.91 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:523 hits: 11-26 to 01-17] none[3] none:none
Armadillo| none trace

T:09:50:00 Win2K-f 190.208.109.119 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

10:02:00 Win2K-f 83.2.245.194 (TPNET.PL):
TPSA,
PL. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:05:00 Win2K-f 125.230.79.244 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:05:00 Win2K-f 190.0.76.246 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:05:00 Win2K-f 66.96.207.33 (HOSTNOC.NET):
BURSTNET TECHNOLOGIES INC,
BLOOMSBURG, PENNSYLVANIA, US. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:19:00 Win2K-f 91.102.160.80 (ATOLYEWEB.NET):
DATAFON ILETISIM A.S,
TR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:19:00 Win2K-f 119.19.8.4 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:25:00 Win2K-f 91.102.160.80 (ATOLYEWEB.NET):
DATAFON ILETISIM A.S,
TR. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
TR:91.102.160.80:7708 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:31:00 Win2K-f 125.224.150.93 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:37:00 Win2K-f 200.43.14.250 (NET.AR):
CABRERA FACUNDO PABLO,
NEUQUEN, NEUQUEN, AR. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:39:00 Win2K-f 69.46.217.108 (EN-TEL.NET):
LAKEDALE LINK,
ANNANDALE, MINNESOTA, US. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:41:00 Win2K-f 121.12.250.146 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:54:00 Win2K-f 85.119.245.11 (POWERED-BY.NETDISTRI.BE):
DUTCHZONE / NETDISTRI,
BE. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

T:10:55:00 Win2K-f 190.2.0.75 (IPLANNETWORKS.NET):
NSS S.A,
AR. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:06:00 Win2K-f 122.122.115.136 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:08:00 Win2K-f 61.6.67.102 (BTL50.JARING.MY):
MIMOS BERHAD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:16:00 Win2K-f 78.33.63.2 (ENTA.NET):
ENTANET,
UK. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:743 hits: 11-21 to 01-17] none[3] none:none
StarForce| none trace

11:21:00 Win2K-f 78.39.193.57 (-):
INFORMATION TECHNOLOGY COMPANY (ITC),
IR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:38:00 Win2K-f 212.95.40.60 (-):
DEUTSCHES INTERNET-ZENTRUM AG,
DE. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:969 hits: 11-30 to 01-17] none[3] none:none
StarForce| none trace

11:40:00 Win2K-f 125.230.79.244 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:41:00 Win2K-f 117.96.112.46 (XLRI.AC.IN):
BHARTI AIRTEL LTD,
DELHI, DELHI, IN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:41:00 Win2K-f 212.95.40.60 (-):
DEUTSCHES INTERNET-ZENTRUM AG,
DE. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:969 hits: 11-30 to 01-17] none[3] none:none
StarForce| none trace

11:57:00 Win2K-f 186.9.174.166 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:58:00 Win2K-f 83.97.238.37 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 216ec67841
[Firefox:221 hits: 11-20 to 01-17] none[3] none:none
StarForce| none trace

T:12:20:00 Win2K-f 218.75.146.31 (-):
CHINANET-HN CHANGDE NODE NETWORK,
CHANGDE, HUNAN, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:25:00 WinXP 95.69.128.202 (-):
. 89.208.35.28:80 RU:citi-bank.ru 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 35 of 37 1987904b12
[Firefox: 3 hits: 12-31 to 01-04] 9fd17c99f9 [0] ASM:Graph
PolyEnE| lines=68 trace

T:12:27:00 Win2K-f 83.97.137.132 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:35:00 Win2K-f 83.97.137.132 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:36:00 Win2K-f 58.49.231.197 (163DATA.COM.CN):
CHINANET HUBEI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:37:00 Win2K-f 85.119.245.11 (POWERED-BY.NETDISTRI.BE):
DUTCHZONE / NETDISTRI,
BE. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

T:12:44:00 Win2K-f 118.161.142.231 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:48:00 Win2K-f 200.43.14.250 (NET.AR):
CABRERA FACUNDO PABLO,
NEUQUEN, NEUQUEN, AR. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:50:00 Win2K-f 93.91.196.23 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:54:00 Win2K-f 216.109.145.55 (DATAPIPE.NET):
DATAPIPE,
HOBOKEN, NEW JERSEY, US. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:56:00 Win2K-f 59.117.169.124 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:03:00 Win2K-f 123.195.198.66 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:06:00 Win2K-f 123.195.198.66 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:08:00 Win2K-f 59.117.169.124 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:27:00 Win2K-f 221.125.49.107 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:29:00 Win2K-f 123.195.60.244 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
TW:123.195.60.244:6928
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:33:00 WinXP 79.163.135.205 (-):
IDEA,
PL. n/a HK:proxim.ircgalaxy.pl
HK:58.65.232.35:65520 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 37 of 39 9c20944d61
NEW 0bf3a9d27b [0] ASM:Graph
PolyEnE| lines=134 trace

13:42:00 Win2K-f 118.161.142.231 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:43:00 Win2K-f 80.93.208.243 (-):
OZER ELEKTRONIK LTD,
TR. (100Mbps) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:44:00 Win2K-f 202.105.31.104 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:44:00 Win2K-f 125.86.121.137 (163DATA.COM.CN):
CHINANET CHONGQING PROVINCE NETWORK,
CHONGQING, CHONGQING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:44:00 Win2K-f 91.64.25.96 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:47:00 Win2K-f 190.137.128.9 (NET.AR):
TELECOM ARGENTINA S.A,
AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

T:13:47:00 Win2K-f 190.50.38.90 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:969 hits: 11-30 to 01-17] none[3] none:none
StarForce| none trace

T:14:01:00 Win2K-f 123.204.58.158 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:10:00 Win2K-f 190.6.48.163 (NET-UNO.NET):
NET UNO C.A,
CARACAS, DISTRITO FEDERAL, VE. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

T:14:19:00 Win2K-f 114.44.4.146 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:23:00 Win2K-f 122.121.212.18 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:26:00 Win2K-f 186.9.46.198 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:436 hits: 11-25 to 01-17] none[3] none:none
Armadillo| none trace

14:41:00 Win2K-f 140.113.138.121 (NTU.EDU.TW):
TAIWAN ACADEMIC NETWORK,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:43:00 Win2K-f 190.128.125.255 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
CO. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:841 hits: 11-22 to 01-17] none[3] none:none
UPX| none trace

T:14:51:00 Win2K-f 118.160.163.216 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:51:00 Win2K-f 211.74.130.62 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1848 hits: 11-22 to 01-17] none[3] none:none
UPX| none trace

14:57:00 Win2K-f 119.77.204.89 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:59:00 Win2K-f 201.253.56.225 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:209 hits: 12-19 to 01-17] none[3] none:none
MEW| none trace

15:00:00 Win2K-f 202.52.74.126 (TTL.COM.SG):
NETPLUS COMMUNICATIONS PTE LTD,
SINGAPORE, SINGAPORE, SG. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:523 hits: 11-26 to 01-17] none[3] none:none
Armadillo| none trace

T:15:04:00 Win2K-f 119.77.204.89 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:05:00 Win2K-f 118.232.62.134 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:07:00 Win2K-f 196.40.70.62 (RACSA.CO.CR):
SERVIDOR ACCESO PUNTARENAS,
SAN JOSE, SAN JOSE, CR. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:15:00 Win2K-f 190.6.48.163 (NET-UNO.NET):
NET UNO C.A,
CARACAS, DISTRITO FEDERAL, VE. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

T:15:21:00 Win2K-f 190.141.136.39 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

T:15:35:00 Win2K-f 200.117.138.76 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:969 hits: 11-30 to 01-17] none[3] none:none
StarForce| none trace

15:38:00 Win2K-f 190.245.48.28 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

T:15:40:00 Win2K-f 196.40.70.62 (RACSA.CO.CR):
SERVIDOR ACCESO PUNTARENAS,
SAN JOSE, SAN JOSE, CR. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:45:00 Win2K-f 84.72.65.55 (HISPEED.CH):
CABLECOMMAIN-NET,
ZURICH, ZURICH, CH. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1848 hits: 11-22 to 01-17] none[3] none:none
UPX| none trace

T:15:47:00 Win2K-f 59.104.83.121 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:50:00 Win2K-f 118.160.163.216 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:58:00 Win2K-f 200.71.96.116 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:06:00 Win2K-f 220.130.216.160 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:969 hits: 11-30 to 01-17] none[3] none:none
StarForce| none trace

16:08:00 Win2K-f 190.67.84.58 (TELECOM.COM.CO):
COLOMBIA TELECOMUNICACIONES S.A. ESP,
CO. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:841 hits: 11-22 to 01-17] none[3] none:none
UPX| none trace

T:16:09:00 Win2K-f 59.104.40.171 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:11:00 Win2K-f 118.161.142.231 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:12:00 Win2K-f 211.47.239.59 (-):
VAAN-LJH,
SEOUL, KYONGGI-DO, KR. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:13:00 Win2K-f 200.71.96.116 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:19:00 Win2K-f 61.223.230.37 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:19:00 Win2K-f 189.54.134.146 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:20:00 Win2K-f 220.130.216.160 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:969 hits: 11-30 to 01-17] none[3] none:none
StarForce| none trace

T:16:29:00 Win2K-f 190.245.48.28 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

T:16:33:00 Win2K-f 122.126.134.132 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:39:00 Win2K-f 61.31.169.189 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset lanman
http
27 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:39:00 Win2K-f 190.6.48.163 (NET-UNO.NET):
NET UNO C.A,
CARACAS, DISTRITO FEDERAL, VE. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

16:47:00 Win2K-f 114.121.8.232 (-):
. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:16:49:00 Win2K-f 59.104.30.22 (SEED.NET.TW):
DIGITAL UNITED I,
TAOYUAN, T'AI-WAN, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:436 hits: 11-25 to 01-17] none[3] none:none
Armadillo| none trace

16:51:00 Win2K-f 61.223.97.50 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:52:00 Win2K-f 189.23.122.6 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:53:00 Win2K-f 211.76.42.230 (UBBN.NET):
UNION CABLE TV CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:54:00 Win2K-f 211.76.42.230 (UBBN.NET):
UNION CABLE TV CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:59:00 Win2K-f 190.141.136.39 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

17:14:00 Win2K-f 123.195.21.141 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:16:00 Win2K-f 123.195.21.141 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:17:00 Win2K-f 203.70.125.51 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:20:00 Win2K-f 200.27.79.83 (200.TELMEXCHILE.CL):
TELMEX CHILE INTERNET S.A,
SANTIAGO, REGION METROPOLITANA, CL. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:27:00 Win2K-f 61.223.230.37 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:30:00 Win2K-f 201.234.162.108 (COM.AR):
COOPERATIVA VILLA DEL ROSARIO (COOVILROS),
ROSARIO, SANTA FE, AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:35:00 Win2K-f 190.97.133.142 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:37:00 Win2K-f 186.9.149.253 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:743 hits: 11-21 to 01-17] none[3] none:none
StarForce| none trace

17:44:00 Win2K-f 59.104.83.121 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:54:00 Win2K-f 203.70.125.51 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:09:00 Win2K-f 61.231.64.244 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:09:00 Win2K-f 59.104.30.22 (SEED.NET.TW):
DIGITAL UNITED I,
TAOYUAN, T'AI-WAN, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:436 hits: 11-25 to 01-17] none[3] none:none
Armadillo| none trace

18:11:00 Win2K-f 122.121.241.219 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:743 hits: 11-21 to 01-17] none[3] none:none
StarForce| none trace

T:18:16:00 Win2K-f 194.8.75.204 (LIX.LV):
LAST RESORT LOCAL REGISTRY,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1848 hits: 11-22 to 01-17] none[3] none:none
UPX| none trace

18:28:00 Win2K-f 200.27.79.83 (200.TELMEXCHILE.CL):
TELMEX CHILE INTERNET S.A,
SANTIAGO, REGION METROPOLITANA, CL. (100Mbps) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:31:00 Win2K-f 190.55.161.22 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

T:18:35:00 Win2K-f 124.112.245.248 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:40:00 Win2K-f 59.105.151.136 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:40:00 Win2K-f 201.73.242.53 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1848 hits: 11-22 to 01-17] none[3] none:none
UPX| none trace

18:41:00 Win2K-f 118.170.205.139 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 fcb4920986
[Firefox:65 hits: 11-21 to 01-17] none[3] none:none
UPX| none trace

T:18:48:00 Win2K-f 190.96.162.243 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:841 hits: 11-22 to 01-17] none[3] none:none
UPX| none trace

T:18:53:00 Win2K-f 59.105.151.136 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:07:00 Win2K-f 200.43.94.210 (NET.AR):
CEMDO LTDA,
MARLTON, NEW JERSEY, US. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:10:00 Win2K-f 186.9.70.134 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:969 hits: 11-30 to 01-17] none[3] none:none
StarForce| none trace

T:19:10:00 Win2K-f 190.139.12.222 (NET.AR):
TELECOM ARGENTINA S.A,
AR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:12:00 Win2K-f 190.220.65.132 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

T:19:14:00 Win2K-f 94.76.208.42 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:18:00 Win2K-f 200.43.94.210 (NET.AR):
CEMDO LTDA,
MARLTON, NEW JERSEY, US. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:23:00 Win2K-f 118.170.205.139 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 fcb4920986
[Firefox:65 hits: 11-21 to 01-17] none[3] none:none
UPX| none trace

19:27:00 Win2K-f 59.104.40.171 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:33:00 Win2K-f 66.90.104.110 (MM-NEWS.NET):
FDC SERVERS.NET LLC,
RALEIGH, NORTH CAROLINA, US. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:40:00 Win2K-f 190.225.200.76 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1848 hits: 11-22 to 01-17] none[3] none:none
UPX| none trace

19:50:00 Win2K-f 67.159.33.101 (JILLYRED.NET):
FDC SERVERS.NET LLC,
CHICAGO, ILLINOIS, US. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1848 hits: 11-22 to 01-17] none[3] none:none
UPX| none trace

T:19:50:00 Win2K-f 190.225.200.76 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1848 hits: 11-22 to 01-17] none[3] none:none
UPX| none trace

19:50:00 Win2K-f 207.91.150.40 (NSTCI.NET):
NETWORKS ON-LINE,
KEMAH, TEXAS, US. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1848 hits: 11-22 to 01-17] none[3] none:none
UPX| none trace

T:19:57:00 Win2K-f 186.9.70.134 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:969 hits: 11-30 to 01-17] none[3] none:none
StarForce| none trace

19:59:00 Win2K-f 94.76.208.42 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:02:00 Win2K-f 125.84.157.99 (163DATA.COM.CN):
CHINANET CHONGQING PROVINCE NETWORK,
CHONGQING, CHONGQING, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:07:00 Win2K-f 190.55.227.203 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

20:10:00 Win2K-f 206.21.186.79 (OAR.NET):
OARNET,
COLUMBUS, OHIO, US. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:16:00 Win2K-f 114.47.11.18 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:20:00 Win2K-f 125.84.157.99 (163DATA.COM.CN):
CHINANET CHONGQING PROVINCE NETWORK,
CHONGQING, CHONGQING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:22:00 Win2K-f 196.30.206.39 (GACINV.CO.ZA):
AFRINIC,
CAPE TOWN, WESTERN CAPE, ZA. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:26:00 Win2K-f 212.59.11.80 (ZEBRA.LT):
LIETUVOS,
VILNIUS, VILNIAUS APSKRITIS, LT. (100Mbps) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:27:00 Win2K-f 61.227.103.121 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:31:00 Win2K-f 89.44.30.106 (-):
SC EXPANSION NET SRL,
RO. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

T:20:35:00 Win2K-f 61.227.103.121 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:39:00 Win2K-f 196.30.206.39 (GACINV.CO.ZA):
AFRINIC,
CAPE TOWN, WESTERN CAPE, ZA. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:39:00 Win2K-f 211.95.163.237 (CNUNINET.NET):
CHINA UNITED TELECOMMUNICATIONS CORPORATION,
CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:43:00 Win2K-f 190.0.75.192 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

20:46:00 Win2K-f 75.187.187.106 (RR.COM):
ROAD RUNNER HOLDCO LLC,
HERNDON, VIRGINIA, US. n/a US:microsoft.com 135 pcap raw alerts
ruleset other
59 lines Yeah : 1.3
profile none summary
tarball 33 of 33
8 of 33 53bfe15e91
[Firefox:4123 hits: 06-17 to 01-17]
b7082104e4
[Firefox:278 hits: 06-18 to 01-12] 1473091351 [0]
c5b49e7b82[0] ASM:Graph
ASM:Graph
tElock|
tElock| lines=75
embedded dns
lines=41 trace
trace

T:20:49:00 Win2K-f 87.121.13.221 (-):
NETERRA-TELECABLENET-NET,
BG. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:523 hits: 11-26 to 01-17] none[3] none:none
Armadillo| none trace

20:53:00 Win2K-f 212.59.11.84 (ZEBRA.LT):
LIETUVOS,
VILNIUS, VILNIAUS APSKRITIS, LT. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:56:00 Win2K-f 38.98.243.230 (COGENTCO.COM):
PERFORMANCE SYSTEMS INTERNATIONAL INC,
WASHINGTON, DISTRICT OF COLUMBIA, US. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:01:00 Win2K-f 118.171.171.210 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:06:00 Win2K-f 201.253.130.150 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

T:21:06:00 Win2K-f 59.115.233.59 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:13:00 Win2K-f 201.173.6.116 (IFXNW.COM.MX):
NETWORK INFORMATION CENTER MEXICO,
MX. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:969 hits: 11-30 to 01-17] none[3] none:none
StarForce| none trace

21:15:00 Win2K-f 59.115.233.59 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:21:00 Win2K-f 67.159.45.62 (JILLYRED.NET):
FDC SERVERS.NET LLC,
CHICAGO, ILLINOIS, US. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:28:00 Win2K-f 118.232.8.144 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:29:00 Win2K-f 201.172.101.229 (MULTIMEDIOS.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MX. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:969 hits: 11-30 to 01-17] none[3] none:none
StarForce| none trace

21:29:00 Win2K-f 84.237.171.41 (-):
ADDRESS POOL FOR LTC-HOME CUSTOMERS,
RIGA, RIGA, LV. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:31:00 Win2K-f 194.176.114.143 (ELCITY.RU):
ELECTRONNIY GOROD LTD,
RU. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:36:00 Win2K-f 212.59.11.84 (ZEBRA.LT):
LIETUVOS,
VILNIUS, VILNIAUS APSKRITIS, LT. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:37:00 Win2K-f 122.26.83.211 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:45:00 Win2K-f 119.135.205.184 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:523 hits: 11-26 to 01-17] none[3] none:none
Armadillo| none trace

21:48:00 Win2K-f 119.135.205.184 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:523 hits: 11-26 to 01-17] none[3] none:none
Armadillo| none trace

T:21:49:00 Win2K-f 201.168.48.45 (MARCATEL.NET.MX):
MARCATEL,
MONTERREY, NUEVO LEON, MX. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:969 hits: 11-30 to 01-17] none[3] none:none
StarForce| none trace

T:21:55:00 Win2K-f 219.152.48.108 (163DATA.COM.CN):
CHINANET CHONGQING PROVINCE NETWORK,
CHONGQING, CHONGQING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:04:00 Win2K-f 190.220.49.164 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:05:00 Win2K-f 125.89.221.176 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:06:00 Win2K-f 125.89.221.176 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 78ceaae025
[Firefox:14 hits: 11-22 to 01-12] none[3] none:none
UPX| none trace

T:22:07:00 Win2K-f 38.98.243.230 (COGENTCO.COM):
PERFORMANCE SYSTEMS INTERNATIONAL INC,
WASHINGTON, DISTRICT OF COLUMBIA, US. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:12:00 Win2K-f 122.55.197.141 (PLDT.NET):
IPG,
PH. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:21:00 Win2K-f 201.173.6.116 (IFXNW.COM.MX):
NETWORK INFORMATION CENTER MEXICO,
MX. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:969 hits: 11-30 to 01-17] none[3] none:none
StarForce| none trace

22:24:00 Win2K-f 194.176.114.143 (ELCITY.RU):
ELECTRONNIY GOROD LTD,
RU. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:29:00 Win2K-f 196.2.194.11 (MENANET.NET):
AFRINIC,
CAIRO, AL QAHIRAH, EG. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 29b0ab6522
[Firefox: 7 hits: 11-24 to 01-13] none[3] none:none
UPX| none trace

T:22:32:00 Win2K-f 189.102.16.35 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:32:00 Win2K-f 190.14.252.100 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:36:00 Win2K-f 122.55.197.141 (PLDT.NET):
IPG,
PH. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:40:00 Win2K-f 190.55.227.203 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace

T:22:47:00 Win2K-f 89.19.15.74 (CIZGIBILGISAYAR.COM):
CIZGI BILGISAYAR SISTEMLERI SAN. TIC. LTD. STI,
TR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:57:00 Win2K-f 89.19.15.74 (CIZGIBILGISAYAR.COM):
CIZGI BILGISAYAR SISTEMLERI SAN. TIC. LTD. STI,
TR. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:58:00 Win2K-f 72.18.18.73 (TIERZERO.NET):
JPI STUDIOS,
WEST HOLLYWOOD, CALIFORNIA, US. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 24 of 38 668d660efb
NEW none[3] none:none
UPX| none trace

22:59:00 Win2K-f 189.102.16.35 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:02:00 Win2K-f 58.16.235.200 (-):
CNC GROUP GUIZHOU PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:10:00 Win2K-f 58.16.235.200 (-):
CNC GROUP GUIZHOU PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:10:00 Win2K-f 85.71.56.60 (IOL.CZ):
XDSL NETWORK-ADSL,
OSTRAVA, MORAVSKOSLEZSKY KRAJ, CZ. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:29:00 Win2K-f 115.81.6.166 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:37:00 Win2K-f 122.123.139.45 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:53:00 Win2K-f 190.220.49.164 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:53:00 Win2K-f 124.107.220.165 (PLDT.NET):
SPCC7300I04_CONSUMER,
PH. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:17965 hits: 11-20 to 01-17] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:56:00 Win2K-f 68.92.177.101 (VERNONCOLLEGE.EDU):
VERNON REGIONAL JUNIOR COLLEGE,
DALLAS, TEXAS, US. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1637 hits: 11-24 to 01-17] none[3] none:none
UPX| none trace