Multiperspective Malware Analysis Page

Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

21 January 2009
<prev> <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]

Time
Victim
OS
Infection
Source
C&C
Server
DNS Lookups &
Failed Connects Infection
Port
Packet
Trace
Detection
Signatures
Infection
Chatter
BotHunter
Analysis
Behavioral
Cluster
Forensic
Logs
Antivirus
Labels
Packed Malware_Binary Unpacked egg.exe
Unpacked egg.asm
Packer PEID
Data Strings
Syscall Trace

00:07:00 Win2K-f 218.168.3.103 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

00:10:00 Win2K-f 203.73.207.235 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:13:00 Win2K-f 60.54.114.187 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:19:00 Win2K-f 77.92.159.42 (-):
HOSTING INTERNET HIZMETLERI LTD STI,
TR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:45:00 Win2K-f 61.31.170.50 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1891 hits: 11-22 to 01-20] none[3] none:none
UPX| none trace

T:00:46:00 Win2K-f 58.22.202.248 (-):
SANMING CITY FUJIAN PROVINCIAL NETWORK OF CNCGROUP,
FUJIAN, FUJIAN, CN. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:541 hits: 11-26 to 01-20] none[3] none:none
Armadillo| none trace

T:00:46:00 Win2K-f 60.54.114.187 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:47:00 Win2K-f 218.168.3.103 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 13 of 38 6a6ca06846
[Firefox: 2 hits: 01-03 to 01-09] none[3] none:none
UPX| none trace

00:47:00 Win2K-f 121.33.0.31 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:53:00 Win2K-f 118.160.38.204 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:59:00 Win2K-f 118.232.5.157 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:04:00 Win2K-f 203.67.193.247 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:06:00 Win2K-f 114.44.187.78 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1683 hits: 11-24 to 01-20] none[3] none:none
UPX| none trace

01:11:00 Win2K-f 217.162.34.139 (HISPEED.CH):
CABLECOMMAIN-NET,
ZURICH, ZURICH, CH. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:17:00 Win2K-f 217.162.34.139 (HISPEED.CH):
CABLECOMMAIN-NET,
ZURICH, ZURICH, CH. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:18:00 Win2K-f 61.115.42.71 (WAKWAK.NE.JP):
NTT-ME CORPORATION,
KOH SAMUI, SURAT THANI, TH. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:20:00 Win2K-f 194.8.75.103 (LIX.LV):
LAST RESORT LOCAL REGISTRY,
UK. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1891 hits: 11-22 to 01-20] none[3] none:none
UPX| none trace

T:01:26:00 Win2K-f 117.65.36.165 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:29:00 Win2K-f 59.116.128.211 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:766 hits: 11-21 to 01-20] none[3] none:none
StarForce| none trace

T:01:30:00 Win2K-f 38.108.212.30 (COGENTCO.COM):
PERFORMANCE SYSTEMS INTERNATIONAL INC,
WASHINGTON, DISTRICT OF COLUMBIA, US. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:38:00 Win2K-f 212.112.227.68 (IPXSERVER.DE):
IPX SERVER GMBH,
DE. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:52:00 Win2K-f 59.125.215.175 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:55:00 Win2K-f 118.232.54.209 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 22d5ef2189
[Firefox: 3 hits: 11-22 to 12-13] none[3] none:none
UPX| none trace

T:02:03:00 Win2K-f 118.160.38.204 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:07:00 Win2K-f 118.232.54.209 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 6 of 37 13e15a653e
[Firefox:44 hits: 11-21 to 01-18] none[3] none:none
UPX| none trace

T:02:14:00 Win2K-f 192.116.195.56 (INTER.NET.IL):
SURF & CALL SOLUTIONS,
TEL AVIV, TEL AVIV, IL. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:26:00 Win2K-f 59.125.215.175 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:32:00 Win2K-f 203.73.207.235 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:45:00 Win2K-f 203.67.193.247 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:48:00 Win2K-f 212.89.27.130 (CM-212-89-26-10.TELECABLE.ES):
TELECABLE,
OVIEDO, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:50:00 Win2K-f 114.44.98.156 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:56:00 Win2K-f 200.112.136.103 (NET.AR):
BROADBANDTECH S. A,
MENDOZA, MENDOZA, AR. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1003 hits: 11-30 to 01-20] none[3] none:none
StarForce| none trace

T:03:00:00 Win2K-f 219.105.110.38 (ADACHI.NE.JP):
CABLE TELEVISION ADACHI CORP,
JP. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1683 hits: 11-24 to 01-20] none[3] none:none
UPX| none trace

T:03:23:00 Win2K-f 78.83.196.175, 94.102.6.21 (INVALID IPV4 ADDRESS):
INVALID IPV4 ADDRESS,
INVALID IPV4 ADDRESS, INVALID IPV4 ADDRESS, INVALID IPV4 ADDRESS. (INVALID IPV4 ADDRESS) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:24:00 Win2K-f 190.50.55.98 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:29:00 Win2K-f 82.12.211.31 (NTL.COM):
NTL INFRASTRUCTURE - WALTHAM PARK,
NOTTINGHAM, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1891 hits: 11-22 to 01-20] none[3] none:none
UPX| none trace

T:03:37:00 Win2K-f 220.136.214.22 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:40:00 Win2K-f 124.8.48.237 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:41:00 Win2K-f 219.105.110.38 (ADACHI.NE.JP):
CABLE TELEVISION ADACHI CORP,
JP. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1683 hits: 11-24 to 01-20] none[3] none:none
UPX| none trace

T:03:53:00 Win2K-f 200.112.136.103 (NET.AR):
BROADBANDTECH S. A,
MENDOZA, MENDOZA, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1003 hits: 11-30 to 01-20] none[3] none:none
StarForce| none trace

T:03:53:00 Win2K-f 84.16.230.100 (INTERNETSERVICETEAM.COM):
NETDIREKT E.K,
DE. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1891 hits: 11-22 to 01-20] none[3] none:none
UPX| none trace

03:57:00 Win2K-f 84.110.165.187 (BEZEQINT.NET):
BEZEQINT-CABLES,
IL. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:00:00 Win2K-f 200.93.184.42 (ETB.NET.CO):
ETB - COLOMBIA,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:07:00 Win2K-f 190.50.55.98 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:14:00 Win2K-f 84.16.230.100 (INTERNETSERVICETEAM.COM):
NETDIREKT E.K,
DE. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1891 hits: 11-22 to 01-20] none[3] none:none
UPX| none trace

04:15:00 Win2K-f 220.136.214.22 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:21:00 Win2K-f 84.110.165.187 (BEZEQINT.NET):
BEZEQINT-CABLES,
IL. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:21:00 Win2K-f 82.12.211.31 (NTL.COM):
NTL INFRASTRUCTURE - WALTHAM PARK,
NOTTINGHAM, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1891 hits: 11-22 to 01-20] none[3] none:none
UPX| none trace

04:21:00 Win2K-f 121.23.203.213 (-):
CNC GROUP HEBEI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:31:00 Win2K-f 78.39.198.67 (-):
INFORMATION TECHNOLOGY COMPANY (ITC),
IR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1891 hits: 11-22 to 01-20] none[3] none:none
UPX| none trace

T:04:33:00 Win2K-f 119.103.126.71 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:53:00 Win2K-f 86.99.93.223 (NET.AE):
EMIRATES TELECOMMUNICATIONS CORPORATION,
DUBAI, DUBAI, AE. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:54:00 Win2K-f 119.103.126.71 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:56:00 Win2K-f 124.8.48.237 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:06:00 Win2K-f 189.45.47.11 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:541 hits: 11-26 to 01-20] none[3] none:none
Armadillo| none trace

05:21:00 Win2K-f 122.124.165.2 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:05:24:00 Win2K-f 121.23.203.213 (-):
CNC GROUP HEBEI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:29:00 Win2K-f 212.33.94.181 (-):
ADDRESS SPACE FOR TECHNICAL UNIVERSITY,
BIALYSTOK, PODLASKIE, PL. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:35:00 Win2K-f 210.3.73.47 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:35:00 Win2K-f 59.104.16.158 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:36:00 Win2K-f 208.73.49.41 (THOMASJEFFERSONPLANET.COM):
TRIPLE8 NETWORK INC,
GARDENA, CALIFORNIA, US. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:37:00 Win2K-f 194.87.13.191 (FXCLUB.ORG):
DEMOS COLOCATION CLIENTS,
MOSCOW, MOSKVA, RU. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:46:00 Win2K-f 123.52.51.76 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
HENAN, GUIZHOU, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 10 of 39 58385b93ce
NEW none[3] none:none
UPX| none trace

05:48:00 Win2K-f 61.17.209.108 (VSNL.NET.IN):
VIDESH SANCHAR NIGAM LTD - INDIA,
IN. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:48:00 Win2K-f 219.91.113.151 (APOL.COM.TW):
ASIA PACIFIC ON-LINE SERVICES INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:53:00 Win2K-f 123.195.1.150 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:58:00 Win2K-f 122.124.165.2 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:21:00 Win2K-f 61.17.209.108 (VSNL.NET.IN):
VIDESH SANCHAR NIGAM LTD - INDIA,
IN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:23:00 Win2K-f 83.97.224.198 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:26:00 Win2K-f 83.173.130.200 (ONO.COM):
CLIENTES DE CABLEMODEMS,
ES. n/a 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:06:35:00 Win2K-f 65.23.113.5 (NUVOX.NET):
NEWSOUTH COMMUNICATIONS,
CHARLOTTE, NORTH CAROLINA, US. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:40:00 Win2K-f 122.160.32.218 (122.AIRTELBROADBAND.IN):
ABTS-DSL-8972-DEL,
DELHI, DELHI, IN. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:213 hits: 12-19 to 01-20] none[3] none:none
MEW| none trace

06:49:00 Win2K-f 82.12.211.31 (NTL.COM):
NTL INFRASTRUCTURE - WALTHAM PARK,
NOTTINGHAM, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1891 hits: 11-22 to 01-20] none[3] none:none
UPX| none trace

06:49:00 Win2K-f 83.97.224.198 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:51:00 Win2K-f 85.152.217.135 (CM-85-152-232-10.TELECABLE.ES):
TELECABLE,
AVILES, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:53:00 Win2K-f 208.73.49.41 (THOMASJEFFERSONPLANET.COM):
TRIPLE8 NETWORK INC,
GARDENA, CALIFORNIA, US. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:11:00 Win2K-f 202.149.44.179 (EXATT.NET):
POWERNET,
MUMBAI, MAHARASHTRA, IN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:22:00 Win2K-f 218.175.173.197 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
KAOHSIUNG, KAO-HSIUNG, TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:29:00 Win2K-f 89.28.116.62 (89-28-0-10.STARNET.MD):
STARNET,
CHISINAU, CHISINAU, MD. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:30:00 Win2K-f 123.195.82.131 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:34:00 Win2K-f 85.117.2.71 (ZICOM.PL):
ZICOM WIM ZIELINSKI SPOLKA JAWNA,
PL. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:41:00 Win2K-f 190.0.83.162 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1003 hits: 11-30 to 01-20] none[3] none:none
StarForce| none trace

T:07:44:00 Win2K-f 200.117.52.198 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:45:00 Win2K-f 93.124.59.193 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:56:00 Win2K-f 61.20.170.224 (-):
FAR EASTONE TELECOMMUNICATION CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:03:00 Win2K-f 77.22.70.124 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:06:00 Win2K-f 89.28.116.62 (89-28-0-10.STARNET.MD):
STARNET,
CHISINAU, CHISINAU, MD. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:07:00 Win2K-f 190.173.197.153 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:14:00 Win2K-f 93.93.169.32 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:14:00 Win2K-f 190.64.177.85 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. (DIAL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1003 hits: 11-30 to 01-20] none[3] none:none
StarForce| none trace

T:08:20:00 Win2K-f 59.33.44.153 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:766 hits: 11-21 to 01-20] none[3] none:none
StarForce| none trace

T:08:20:00 Win2K-f 82.252.48.44 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:26:00 Win2K-f 122.13.91.222 (-):
XIN XIN LING,
CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1891 hits: 11-22 to 01-20] none[3] none:none
UPX| none trace

08:27:00 Win2K-f 189.22.250.2 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
BR:189.22.250.2:5851
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:31:00 Win2K-f 38.96.240.33 (COGENTCO.COM):
PERFORMANCE SYSTEMS INTERNATIONAL INC,
WASHINGTON, DISTRICT OF COLUMBIA, US. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:213 hits: 12-19 to 01-20] none[3] none:none
MEW| none trace

T:08:33:00 Win2K-f 125.89.221.34 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:213 hits: 12-19 to 01-20] none[3] none:none
MEW| none trace

T:08:39:00 Win2K-f 190.0.77.248 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1683 hits: 11-24 to 01-20] none[3] none:none
UPX| none trace

T:08:41:00 Win2K-f 123.195.0.160 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:44:00 Win2K-f 82.252.48.44 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:53:00 Win2K-f 210.3.156.202 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:10:00 Win2K-f 95.104.28.140 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:213 hits: 12-19 to 01-20] none[3] none:none
MEW| none trace

09:15:00 Win2K-f 190.49.7.251 (COM.AR):
TELEFONICA DE ARGENTINA,
CIPOLLETTI, NEUQUEN, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 3862324588
[Firefox:156 hits: 11-29 to 01-20] none[3] none:none
UPX| none trace

09:20:00 Win2K-f 86.20.105.202 (NTL.COM):
NTL INFRASTRUCTURE - BIRMINGHAM,
UK. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:213 hits: 12-19 to 01-20] none[3] none:none
MEW| none trace

T:09:35:00 Win2K-f 203.73.84.110 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:39:00 Win2K-f 66.38.215.11 (GROUPTELECOM.NET):
MEADE WILLIS INC,
MONTREAL, QUEBEC, CA. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:766 hits: 11-21 to 01-20] none[3] none:none
StarForce| none trace

T:09:45:00 Win2K-f 200.107.37.53 (SECAP.GOV.EC):
SECAP,
QUITO, PICHINCHA, EC. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:213 hits: 12-19 to 01-20] none[3] none:none
MEW| none trace

T:09:49:00 Win2K-f 190.0.83.162 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1003 hits: 11-30 to 01-20] none[3] none:none
StarForce| none trace

09:52:00 Win2K-f 200.107.37.53 (SECAP.GOV.EC):
SECAP,
QUITO, PICHINCHA, EC. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:213 hits: 12-19 to 01-20] none[3] none:none
MEW| none trace

T:09:59:00 Win2K-f 190.173.197.153 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:04:00 Win2K-f 66.38.215.11 (GROUPTELECOM.NET):
MEADE WILLIS INC,
MONTREAL, QUEBEC, CA. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:766 hits: 11-21 to 01-20] none[3] none:none
StarForce| none trace

10:04:00 Win2K-f 203.73.84.110 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:11:00 Win2K-f 201.74.121.59 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:16:00 Win2K-f 211.75.227.134 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:10:17:00 Win2K-f 200.45.119.218 (NET.AR):
COLSECOR LTDA,
LA PLATA, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1683 hits: 11-24 to 01-20] none[3] none:none
UPX| none trace

T:10:43:00 Win2K-f 121.96.32.20 (BTI.NET.PH):
BAYAN TELECOMMUNICATION/SKY INTERNET,
QUEZON CITY, MANILA, PH. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:47:00 Win2K-f 201.64.79.22 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1003 hits: 11-30 to 01-20] none[3] none:none
StarForce| none trace

T:10:51:00 Win2K-f 189.17.230.136 (VELOXZONE.COM.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BRAZIL, INDIANA, US. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:01:00 Win2K-f 190.209.43.129 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:05:00 Win2K-f 94.249.18.201 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:07:00 Win2K-f 94.101.136.26 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:21:00 Win2K-f 59.104.98.118 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1683 hits: 11-24 to 01-20] none[3] none:none
UPX| none trace

T:11:30:00 Win2K-f 80.7.118.237 (NTL.COM):
BAGULEY,
LONDON, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1683 hits: 11-24 to 01-20] none[3] none:none
UPX| none trace

T:11:34:00 Win2K-f 122.127.177.10 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:36:00 Win2K-f 84.61.249.107 (ARCOR-IP.NET):
ARCOR-DSL-NET,
BOCHUM, NORDRHEIN-WESTFALEN, DE. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:43:00 Win2K-f 61.63.5.204 (KBTELECOM.NET.TW):
KOOS BROADBAND TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:47:00 Win2K-f 122.127.177.10 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:53:00 Win2K-f 212.9.128.20 (DOT.AT):
DOT TELECOMMUNICATION SERVICE GESMBH,
VIENNA, WIEN, AT. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:54:00 Win2K-f 82.251.111.34 (PROXAD.NET):
PROXAD / FREE SAS,
PARIS, ILE-DE-FRANCE, FR. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:56:00 Win2K-f 217.162.166.144 (HISPEED.CH):
CABLECOMMAIN-NET,
ZURICH, ZURICH, CH. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:449 hits: 11-25 to 01-20] none[3] none:none
Armadillo| none trace

T:12:02:00 Win2K-f 85.152.232.182 (CM-85-152-232-10.TELECABLE.ES):
TELECABLE,
AVILES, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:05:00 Win2K-f 189.15.77.83 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
UBERLâNDIA, MINAS GERAIS, BR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:09:00 Win2K-f 190.220.110.117 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 2bb18aceee
NEW none[3] none:none
UPX| none trace

T:12:10:00 Win2K-f 201.221.114.121 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:766 hits: 11-21 to 01-20] none[3] none:none
StarForce| none trace

12:14:00 Win2K-f 212.9.128.20 (DOT.AT):
DOT TELECOMMUNICATION SERVICE GESMBH,
VIENNA, WIEN, AT. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:24:00 Win2K-f 124.82.189.53 (TM.NET.MY):
TM ADSL SERVICE PROVIDER MALAYSIA,
MY. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:27:00 Win2K-f 222.89.235.42 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:31:00 Win2K-f 124.82.189.53 (TM.NET.MY):
TM ADSL SERVICE PROVIDER MALAYSIA,
MY. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:31:00 Win2K-f 190.49.177.248 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1683 hits: 11-24 to 01-20] none[3] none:none
UPX| none trace

12:41:00 Win2K-f 222.83.196.34 (163DATA.COM.CN):
CHINANET GUANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:45:00 Win2K-f 81.9.208.84 (CM-81-9-199-10.TELECABLE.ES):
TELECABLE,
OVIEDO, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:47:00 Win2K-f 190.49.177.248 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1683 hits: 11-24 to 01-20] none[3] none:none
UPX| none trace

T:12:51:00 Win2K-f 94.101.136.26 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:06:00 Win2K-f 70.19.113.121 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
NEW YORK, NEW YORK, US. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:25:00 Win2K-f 222.89.235.42 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset lanman
http
27 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:33:00 Win2K-f 59.105.21.159 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:35:00 Win2K-f 91.67.119.149 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:38:00 Win2K-f 82.106.156.121 (BUSINESS.TELECOMITALIA.IT):
TELECOM ITALIA WIRELINE SERVICES,
IT. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:39:00 Win2K-f 81.13.109.42 (RMT.RU):
OAO ROSSIYSKIE ZHELEZNYE DOROGI,
MOSCOW, MOSKVA, RU. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:48:00 Win2K-f 85.152.232.182 (CM-85-152-232-10.TELECABLE.ES):
TELECABLE,
AVILES, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:52:00 Win2K-f 59.114.6.194 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:04:00 Win2K-f 80.97.87.166 (-):
SC PRUTUL SA,
GALATI, GALATI, RO. (100Mbps) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:07:00 Win2K-f 212.53.77.11 (NETBENEFIT.CO.UK):
NETBENEFIT COMMERCIAL INTERNET SERVICES PROVIDER,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:08:00 Win2K-f 190.220.49.97 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1683 hits: 11-24 to 01-20] none[3] none:none
UPX| none trace

T:14:09:00 Win2K-f 84.126.142.134 (ONO.COM):
PROVIDER LOCAL REGISTRY,
ES. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:15:00 Win2K-f 119.77.214.48 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:32:00 Win2K-f 64.118.93.8 (4RWEB.COM):
4RWEB INC,
WEST NEW YORK, NEW JERSEY, US. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:541 hits: 11-26 to 01-20] none[3] none:none
Armadillo| none trace

14:35:00 Win2K-f 212.53.77.11 (NETBENEFIT.CO.UK):
NETBENEFIT COMMERCIAL INTERNET SERVICES PROVIDER,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:36:00 Win2K-f 196.2.194.55 (MENANET.NET):
AFRINIC,
CAIRO, AL QAHIRAH, EG. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:39:00 Win2K-f 189.15.77.83 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
UBERLâNDIA, MINAS GERAIS, BR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:49:00 Win2K-f 119.77.214.48 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:56:00 Win2K-f 196.2.194.55 (MENANET.NET):
AFRINIC,
CAIRO, AL QAHIRAH, EG. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:58:00 Win2K-f 201.172.105.141 (MULTIMEDIOS.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MX. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1003 hits: 11-30 to 01-20] none[3] none:none
StarForce| none trace

15:11:00 Win2K-f 93.110.7.158 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
5 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:17:00 Win2K-f 222.48.14.237 (HERBALQC.COM):
CHINA RAILWAY TELECOMMUNICATIONS CENTER,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:18:00 Win2K-f 190.137.6.116 (NET.AR):
APOLO -GOLD-TELECOM-PER,
AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1683 hits: 11-24 to 01-20] none[3] none:none
UPX| none trace

15:25:00 Win2K-f 201.168.56.173 (MARCATEL.NET.MX):
MARCATEL,
MONTERREY, NUEVO LEON, MX. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1003 hits: 11-30 to 01-20] none[3] none:none
StarForce| none trace

15:27:00 Win2K-f 190.90.111.69 (EQUITEL.COM.CO):
INTERNEXA S.A. E.S.P,
CO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:28:00 Win2K-f 91.102.160.197 (ATOLYEWEB.NET):
DATAFON ILETISIM A.S,
TR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:30:00 Win2K-f 61.227.180.18 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:40:00 Win2K-f 190.34.160.202 (MARPESCA.COM):
CABLE & WIRELESS PANAMA,
PA. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:41:00 Win2K-f 59.114.6.194 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:51:00 Win2K-f 60.179.162.48 (163DATA.COM.CN):
CHINANET-ZJ NINGBO NODE NETWORK,
NINGBO, ZHEJIANG, CN. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:51:00 Win2K-f 91.102.160.197 (ATOLYEWEB.NET):
DATAFON ILETISIM A.S,
TR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:02:00 Win2K-f 80.5.58.73 (NTL.COM):
NTL INFRASTRUCTURE - OLDHAM,
MANCHESTER, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1003 hits: 11-30 to 01-20] none[3] none:none
StarForce| none trace

16:04:00 Win2K-f 81.109.68.76 (NTL.COM):
NTL INFRASTRUCTURE - PETERBOROUGH,
PETERBOROUGH, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:07:00 Win2K-f 95.84.128.127 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:11:00 Win2K-f 190.11.148.110 (COM.AR):
POWER VT S.A,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1683 hits: 11-24 to 01-20] none[3] none:none
UPX| none trace

T:16:12:00 Win2K-f 190.34.160.202 (MARPESCA.COM):
CABLE & WIRELESS PANAMA,
PA. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:14:00 Win2K-f 190.50.220.28 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1003 hits: 11-30 to 01-20] none[3] none:none
StarForce| none trace

16:18:00 Win2K-f 66.101.58.50 (SPROCKETDATA.COM):
SPROCKET DATA,
GEORGETOWN, TEXAS, US. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:541 hits: 11-26 to 01-20] none[3] none:none
Armadillo| none trace

T:16:24:00 Win2K-f 64.118.93.8 (4RWEB.COM):
4RWEB INC,
WEST NEW YORK, NEW JERSEY, US. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:541 hits: 11-26 to 01-20] none[3] none:none
Armadillo| none trace

16:29:00 Win2K-f 59.112.6.240 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:29:00 Win2K-f 190.141.155.146 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:36:00 Win2K-f 200.117.144.23 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:42:00 Win2K-f 212.58.116.38 (ALDAGI.COM.GE):
IBERIAPAC,
GE. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:857 hits: 11-22 to 01-20] none[3] none:none
UPX| none trace

T:16:44:00 Win2K-f 220.139.204.242 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:45:00 Win2K-f 187.35.227.165 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:541 hits: 11-26 to 01-20] none[3] none:none
Armadillo| none trace

16:47:00 Win2K-f 190.50.49.190 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:04:00 Win2K-f 190.140.4.14 (CABLEONDA.NET):
CABLE ONDA,
PANAMA CITY, PANAMA, PA. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:07:00 Win2K-f 59.120.213.241 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. (DSL) n/a 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:09:00 Win2K-f 190.50.49.190 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:12:00 Win2K-f 190.11.150.236 (COM.AR):
POWER VT S.A,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:14:00 Win2K-f 66.11.120.86 (SUAVEMENTE.NET):
SUAVEMENTE INC,
US. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:22:00 Win2K-f 81.12.8.194 (-):
PIROOZ,
IR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:449 hits: 11-25 to 01-20] none[3] none:none
Armadillo| none trace

T:17:23:00 Win2K-f 190.49.109.102 (COM.AR):
TELEFONICA DE ARGENTINA,
MIRAMAR, BUENOS AIRES, AR. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:30:00 Win2K-f 81.12.8.194 (-):
PIROOZ,
IR. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:449 hits: 11-25 to 01-20] none[3] none:none
Armadillo| none trace

T:17:38:00 WinXP 8.15.173.245 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
US. 89.208.35.28:80 RU:citi-bank.ru 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 35 of 36 b27d73bfcb
[Firefox:74 hits: 10-10 to 01-02] 473c6454ce [0] ASM:Graph
PolyEnE| lines=68 trace

17:39:00 Win2K-f 88.134.54.133 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1891 hits: 11-22 to 01-20] none[3] none:none
UPX| none trace

T:17:42:00 Win2K-f 88.134.54.133 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1891 hits: 11-22 to 01-20] none[3] none:none
UPX| none trace

17:47:00 Win2K-f 24.78.36.190 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
VANCOUVER, BRITISH COLUMBIA, CA. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:48:00 Win2K-f 59.114.196.110 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:50:00 Win2K-f 91.102.160.197 (ATOLYEWEB.NET):
DATAFON ILETISIM A.S,
TR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:54:00 Win2K-f 203.67.40.179 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:09:00 Win2K-f 222.48.14.237 (HERBALQC.COM):
CHINA RAILWAY TELECOMMUNICATIONS CENTER,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:10:00 Win2K-f 220.139.204.242 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:11:00 Win2K-f 201.172.24.10 (MULTIMEDIOS.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MX. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1003 hits: 11-30 to 01-20] none[3] none:none
StarForce| none trace

18:14:00 Win2K-f 212.117.162.187 (-):
EYENET,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:17:00 Win2K-f 200.117.144.23 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:27:00 Win2K-f 59.120.127.83 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. (DIAL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:28:00 Win2K-f 201.236.215.60 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1891 hits: 11-22 to 01-20] none[3] none:none
UPX| none trace

T:18:35:00 Win2K-f 190.128.79.99 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:39:00 Win2K-f 212.58.116.38 (ALDAGI.COM.GE):
IBERIAPAC,
GE. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:857 hits: 11-22 to 01-20] none[3] none:none
UPX| none trace

18:43:00 Win2K-f 190.128.79.99 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:49:00 Win2K-f 201.172.82.47 (MULTIMEDIOS.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MX. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1003 hits: 11-30 to 01-20] none[3] none:none
StarForce| none trace

18:50:00 Win2K-f 220.175.169.156 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:51:00 Win2K-f 76.8.208.27 (UCSUGICAL.COM):
OFF CAMPUS TELECOMMUNICATIONS,
US. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:53:00 Win2K-f 77.20.15.112 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1003 hits: 11-30 to 01-20] none[3] none:none
StarForce| none trace

18:56:00 Win2K-f 125.86.183.59 (163DATA.COM.CN):
CHINANET CHONGQING PROVINCE NETWORK,
CHONGQING, CHONGQING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1891 hits: 11-22 to 01-20] none[3] none:none
UPX| none trace

T:19:00:00 Win2K-f 24.78.36.190 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
VANCOUVER, BRITISH COLUMBIA, CA. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:04:00 Win2K-f 190.97.138.203 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:05:00 Win2K-f 201.236.215.60 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1891 hits: 11-22 to 01-20] none[3] none:none
UPX| none trace

19:12:00 Win2K-f 190.97.138.203 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:12:00 Win2K-f 201.236.210.63 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 4f88618d4f
[Firefox:108 hits: 11-29 to 01-19] none[3] none:none
UPX| none trace

19:20:00 Win2K-f 114.44.151.163 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:24:00 Win2K-f 201.236.210.63 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 4f88618d4f
[Firefox:108 hits: 11-29 to 01-19] none[3] none:none
UPX| none trace

T:19:30:00 Win2K-f 220.175.169.156 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:31:00 Win2K-f 60.56.70.252 (EONET.NE.JP):
K-OPTICOM CORPORATION,
OSAKA, OSAKA, JP. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:33:00 Win2K-f 125.64.110.127 (163DATA.COM.CN):
CHINANET SICHUAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1891 hits: 11-22 to 01-20] none[3] none:none
UPX| none trace

T:19:37:00 Win2K-f 122.120.65.219 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:47:00 Win2K-f 87.49.67.2 (ADSL-DHCP.TELE.DK):
TDC-TELEDANMARK-BREDBAANDSADSL-NET,
ØLSTYKKE, FREDERIKSBORG, DK. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:48:00 Win2K-f 85.152.232.161 (CM-85-152-232-10.TELECABLE.ES):
TELECABLE,
AVILES, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:58:00 Win2K-f 59.115.130.217 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:58:00 Win2K-f 59.115.130.217 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:05:00 Win2K-f 85.89.168.24 (NET.PL):
TOYA:NET (PL),
LODZ, LODZKIE, PL. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:08:00 Win2K-f 77.20.15.112 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1003 hits: 11-30 to 01-20] none[3] none:none
StarForce| none trace

20:17:00 Win2K-f 64.76.3.170 (NET.AR):
IMPSAT ARGENTINA,
AR. (100Mbps) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:766 hits: 11-21 to 01-20] none[3] none:none
StarForce| none trace

T:20:18:00 Win2K-f 190.0.81.173 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 139 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1683 hits: 11-24 to 01-20] none[3] none:none
UPX| none trace

T:20:20:00 Win2K-f 85.152.232.161 (CM-85-152-232-10.TELECABLE.ES):
TELECABLE,
AVILES, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:23:00 Win2K-f 210.1.58.115 (-):
REASSIGN TO INFORMATION TECHNOLOGY CENTER DEPARTMENT OF AGRICULTURE,
TH. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:27:00 Win2K-f 220.139.204.242 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:34:00 Win2K-f 78.105.102.76 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:57:00 Win2K-f 190.137.193.179 (NET.AR):
TELECOM ARGENTINA S.A,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:04:00 Win2K-f 190.220.117.11 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:05:00 Win2K-f 124.8.69.124 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:07:00 Win2K-f 122.124.161.82 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:27:00 Win2K-f 121.78.88.45 (-):
KINXINC,
SEOUL, KYONGGI-DO, KR. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:29:00 Win2K-f 222.89.235.199 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:34:00 Win2K-f 190.2.0.71 (IPLANNETWORKS.NET):
NSS S.A,
AR. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:35:00 Win2K-f 118.160.164.116 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:38:00 Win2K-f 190.137.193.179 (NET.AR):
TELECOM ARGENTINA S.A,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:41:00 Win2K-f 59.112.226.218 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:47:00 Win2K-f 59.112.226.218 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:51:00 Win2K-f 210.192.217.52 (TTN.NET):
TAIWAN TELECOMMUNICATION NETWORK SERVICES CO. LTD,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:55:00 Win2K-f 60.56.70.252 (EONET.NE.JP):
K-OPTICOM CORPORATION,
OSAKA, OSAKA, JP. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:58:00 Win2K-f 222.89.235.199 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:00:00 Win2K-f 59.99.194.178 (10/24.BSNL.IN):
NIB (NATIONAL INTERNET BACKBONE),
DELHI, DELHI, IN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:01:00 Win2K-f 219.80.213.177 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:07:00 Win2K-f 95.69.128.202 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:10:00 Win2K-f 208.105.170.71 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:16:00 Win2K-f 190.55.9.43 (COM.AR):
TELECENTRO S.A,
BUENOS AIRES, BUENOS AIRES, AR. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1891 hits: 11-22 to 01-20] none[3] none:none
UPX| none trace

T:22:19:00 Win2K-f 59.97.248.218 (10/24.BSNL.IN):
NIB (NATIONAL INTERNET BACKBONE),
DELHI, DELHI, IN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:22:00 Win2K-f 200.69.250.249 (IPLANNETWORKS.NET):
NSS S.A,
CORDOBA, CORDOBA, AR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:33:00 Win2K-f 122.126.121.171 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:38:00 Win2K-f 190.55.9.43 (COM.AR):
TELECENTRO S.A,
BUENOS AIRES, BUENOS AIRES, AR. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1891 hits: 11-22 to 01-20] none[3] none:none
UPX| none trace

22:39:00 Win2K-f 117.32.64.149 (163DATA.COM.CN):
CHINANET SHANXI(SN) PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:43:00 Win2K-f 190.2.0.89 (IPLANNETWORKS.NET):
NSS S.A,
AR. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 139 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:45:00 Win2K-f 208.105.170.71 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:02:00 Win2K-f 190.18.57.9 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:15:00 Win2K-f 190.141.66.117 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1683 hits: 11-24 to 01-20] none[3] none:none
UPX| none trace

T:23:17:00 Win2K-f 123.195.254.166 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:18:00 Win2K-f 124.115.51.201 (163DATA.COM.CN):
CHINANET SHANXI(SN) PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:20:00 Win2K-f 59.125.77.234 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:24:00 Win2K-f 190.141.66.117 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1683 hits: 11-24 to 01-20] none[3] none:none
UPX| none trace

T:23:26:00 Win2K-f 203.70.120.222 (SEED.NET.TW):
DIGITAL UNITED INC,
KAOHSIUNG, KAO-HSIUNG, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:28:00 Win2K-f 210.1.58.115 (-):
REASSIGN TO INFORMATION TECHNOLOGY CENTER DEPARTMENT OF AGRICULTURE,
TH. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 0784acb08f
[Firefox: 5 hits: 11-21 to 01-04] none[3] none:none
UPX| none trace

T:23:33:00 Win2K-f 93.91.0.95 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:34:00 Win2K-f 59.116.99.99 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:36:00 Win2K-f 93.91.0.95 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:43:00 Win2K-f 121.112.128.129 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:213 hits: 12-19 to 01-20] none[3] none:none
MEW| none trace

23:50:00 Win2K-f 59.97.248.218 (10/24.BSNL.IN):
NIB (NATIONAL INTERNET BACKBONE),
DELHI, DELHI, IN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:58:00 Win2K-f 118.20.125.45 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:58:00 Win2K-f 86.17.172.101 (NTL.COM):
NTL INFRASTRUCTURE - LEICESTER,
GLASGOW, SCOTLAND, UK. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:18578 hits: 11-20 to 01-20] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace