Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

26 January 2009
<prev>   <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.


Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]
Time
 		Victim
OS
 		Infection
Source
 		C&C
Server
 		DNS Lookups &
Failed Connects 		Infection
Port
 		Packet
Trace
 		Detection
Signatures
 		Infection
Chatter
 		BotHunter
Analysis
 		Behavioral
Cluster
 		Forensic
Logs
 		Antivirus
Labels
 		Packed Malware_Binary Unpacked egg.exe
 		Unpacked egg.asm
 		Packer PEID
 		Data Strings
 		Syscall Trace
16:56:00 Win2K-f 122.118.237.114 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com 445 pcap raw alerts
ruleset 		http
7 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:17:02:00 Win2K-f 64.32.66.175 (CODETEL.NET.DO):
VERIZON DOMINICANA,
DO. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
17:03:00 Win2K-f 190.254.58.20 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
10 lines 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1922 hits: 11-22 to 01-22] 		none[3] none:none
 UPX| none trace
T:17:09:00 Win2K-f 186.9.76.111 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
8 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
17:15:00 Win2K-f 97.65.1.102 (-):
. 		n/a US:www.maxmind.com
US:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
8 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:17:25:00 Win2K-f 200.114.32.21 (INTERCABLE.NET.CO):
TV CABLE PROMISION S.A,
BUCARAMANGA, SANTANDER, CO. 		n/a US:www.maxmind.com
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
8 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:17:29:00 Win2K-f 124.8.122.82 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
9 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
17:35:00 Win2K-f 190.220.91.13 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
8 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1722 hits: 11-24 to 01-22] 		none[3] none:none
 UPX| none trace
T:17:36:00 Win2K-f 210.3.148.168 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 		n/a US:www.maxmind.com
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
8 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:17:37:00 Win2K-f 194.102.43.101 (ICC.RO):
IASI COUNTY COUNCIL,
IASI, IASI, RO. 		n/a US:www.maxmind.com
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
8 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
17:42:00 Win2K-f 190.138.229.65 (NET.AR):
TELECOM ARGENTINA S.A,
AR. 		n/a US:www.maxmind.com
US:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
10 lines 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1922 hits: 11-22 to 01-22] 		none[3] none:none
 UPX| none trace
17:44:00 Win2K-f 88.102.75.52 (IOL.CZ):
XDSL NETWORK-ADSL,
PRAGUE, HLAVNI MESTO PRAHA, CZ. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
17:46:00 Win2K-f 59.63.37.35 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
8 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:17:53:00 Win2K-f 164.77.239.10 (ENTELCHILE.NET):
ISAPRE BANMEDICA,
SANTIAGO, REGION METROPOLITANA, CL. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
8 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
17:59:00 Win2K-f 115.43.213.181 (-):
. 		n/a US:www.maxmind.com
US:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
8 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
18:02:00 Win2K-f 59.105.92.244 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
9 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
18:02:00 Win2K-f 121.127.7.105 (IP-CONVERGE.COM):
IP-CONVERGE INTERNET DATA CENTER,
PH. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
9 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:09:00 Win2K-f 124.8.185.51 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
11 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:10:00 Win2K-f 203.73.57.5 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
8 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:11:00 Win2K-f 59.105.92.244 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
9 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
18:12:00 Win2K-f 194.102.43.101 (ICC.RO):
IASI COUNTY COUNCIL,
IASI, IASI, RO. 		n/a US:www.maxmind.com
US:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
8 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
18:15:00 Win2K-f 164.77.239.10 (ENTELCHILE.NET):
ISAPRE BANMEDICA,
SANTIAGO, REGION METROPOLITANA, CL. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
11 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:16:00 Win2K-f 190.128.80.215 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
8 lines 		Yeah : 0.8
profile 		none summary
tarball 		8 of 37 4f88618d4f
[Firefox:110 hits: 11-29 to 01-21] 		none[3] none:none
 UPX| none trace
T:18:22:00 Win2K-f 86.20.105.202 (NTL.COM):
NTL INFRASTRUCTURE - BIRMINGHAM,
UK. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
9 lines 		Yeah : 0.8
profile 		none summary
tarball 		8 of 38 4f6b51ea3b
[Firefox:224 hits: 12-19 to 01-22] 		none[3] none:none
 MEW| none trace
18:27:00 Win2K-f 200.109.100.234 (CANTV.NET):
CANTV SERVICIOS VENEZUELA,
VE. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
8 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
18:35:00 Win2K-f 186.9.76.111 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
8 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:42:00 Win2K-f 121.127.7.105 (IP-CONVERGE.COM):
IP-CONVERGE INTERNET DATA CENTER,
PH. 		n/a US:www.maxmind.com
US:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
8 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
18:47:00 Win2K-f 86.20.105.202 (NTL.COM):
NTL INFRASTRUCTURE - BIRMINGHAM,
UK. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
8 lines 		Yeah : 0.8
profile 		none summary
tarball 		8 of 38 4f6b51ea3b
[Firefox:224 hits: 12-19 to 01-22] 		none[3] none:none
 MEW| none trace
T:18:51:00 Win2K-f 190.220.117.11 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
8 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:54:00 Win2K-f 91.189.105.3 (-):
TRIDENT MEDIGUARD,
FR. 		n/a US:www.maxmind.com
US:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
8 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:55:00 Win2K-f 119.63.80.149 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
11 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:55:00 Win2K-f 122.118.237.114 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
8 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
19:01:00 Win2K-f 189.2.191.2 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
7 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1722 hits: 11-24 to 01-22] 		none[3] none:none
 UPX| none trace
19:03:00 Win2K-f 59.95.16.172 (10/24.BSNL.IN):
NIB (NATIONAL INTERNET BACKBONE),
DELHI, DELHI, IN. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
3 lines 		Yeah : 0.8
profile 		none summary
tarball 		9 of 38 e1a2e3980d
[Firefox:28 hits: 12-05 to 01-17] 		none[3] none:none
 UPX| none trace
T:19:05:00 Win2K-f 58.54.57.235 (163DATA.COM.CN):
CHINANET HUBEI PROVINCE NETWORK,
HUBEI, HUBEI, CN. 		n/a US:www.maxmind.com
:checkip.dyndns.org 		445 pcap raw alerts
ruleset 		http
8 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
19:08:00 Win2K-f 190.220.117.11 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:19:25:00 Win2K-f 200.54.170.195 (CUST.TIE.CL):
TELEFONICA EMPRESAS,
SANTIAGO, REGION METROPOLITANA, CL. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
3 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:19:26:00 Win2K-f 190.60.35.32 (IFXNETWORKS.COM):
IFX NETWORKS COLOMBIA,
CO. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1922 hits: 11-22 to 01-22] 		none[3] none:none
 UPX| none trace
19:31:00 Win2K-f 122.118.237.114 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
3 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
19:45:00 Win2K-f 58.45.91.76 (-):
CHINANET HUNAN PROVINCE NETWORK,
CHANGSHA, HUNAN, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 4e6c4dd8b1
[Firefox:49 hits: 11-25 to 01-15] 		none[3] none:none
 StarForce| none trace
T:19:51:00 Win2K-f 85.114.131.58 (FASTIT.NET):
FASTIT-DE-DUS1-COLO,
DE. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
19:57:00 Win2K-f 190.60.35.32 (IFXNETWORKS.COM):
IFX NETWORKS COLOMBIA,
CO. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1922 hits: 11-22 to 01-22] 		none[3] none:none
 UPX| none trace
20:02:00 Win2K-f 118.232.12.212 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:20:02:00 Win2K-f 190.208.109.123 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
20:03:00 Win2K-f 83.243.114.110 (CABLESURF.DE):
KABELFERNSEHEN-MUENCHEN-NET,
MUNICH, BAYERN, DE. (DSL) 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:20:06:00 Win2K-f 88.172.181.250 (PROXAD.NET):
PROXAD / FREE SAS,
FR. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1922 hits: 11-22 to 01-22] 		none[3] none:none
 UPX| none trace
T:20:13:00 Win2K-f 118.232.12.212 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
20:37:00 Win2K-f 121.120.77.97 (MAXIS.NET.MY):
MAXIS COMMUNICATIONS BHD,
MY. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1722 hits: 11-24 to 01-22] 		none[3] none:none
 UPX| none trace
T:20:45:00 Win2K-f 89.19.15.2 (CIZGIBILGISAYAR.COM):
CIZGI BILGISAYAR SISTEMLERI SAN. TIC. LTD. STI,
TR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:20:48:00 Win2K-f 186.9.23.172 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1722 hits: 11-24 to 01-22] 		none[3] none:none
 UPX| none trace
20:50:00 Win2K-f 89.19.15.2 (CIZGIBILGISAYAR.COM):
CIZGI BILGISAYAR SISTEMLERI SAN. TIC. LTD. STI,
TR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:20:50:00 Win2K-f 120.50.0.50 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:20:53:00 Win2K-f 88.102.75.52 (IOL.CZ):
XDSL NETWORK-ADSL,
PRAGUE, HLAVNI MESTO PRAHA, CZ. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
20:56:00 Win2K-f 82.255.59.91 (PROXAD.NET):
PROXAD / FREE SAS,
MARSEILLE, PROVENCE-ALPES-COTE D'AZUR, FR. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
21:09:00 Win2K-f 125.90.100.140 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:21:15:00 Win2K-f 125.90.100.140 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:21:21:00 Win2K-f 189.38.246.132 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1722 hits: 11-24 to 01-22] 		none[3] none:none
 UPX| none trace
21:31:00 Win2K-f 209.31.49.36 (XO.NET):
XO COMMUNICATIONS,
RESTON, VIRGINIA, US. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
21:41:00 Win2K-f 62.242.44.57 (PAISDN.TELE.DK):
JOHNNY-NIEMANN-NET,
DK. (100Mbps) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:21:48:00 Win2K-f 85.124.213.163 (INODE.AT):
LANDESVERBAND BOWLING WIEN,
WIEN, WIEN, AT. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
21:59:00 Win2K-f 190.128.118.18 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
CO. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 409ef22885
[Firefox:862 hits: 11-22 to 01-22] 		none[3] none:none
 UPX| none trace
21:59:00 Win2K-f 201.82.171.168 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:22:07:00 Win2K-f 218.172.53.56 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:22:17:00 Win2K-f 204.117.211.110 (PB.NET):
POINT BLANK LTD,
NEW YORK, NEW YORK, US. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
22:26:00 Win2K-f 218.164.227.131 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
22:30:00 Win2K-f 210.3.77.77 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:22:33:00 Win2K-f 210.3.77.77 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:22:33:00 Win2K-f 125.22.105.58 (125.AIRTELBROADBAND.IN):
BHARTI INFOTEL LTD. (BBANDTS KK),
BANGALORE, KARNATAKA, IN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 38 4f6b51ea3b
[Firefox:224 hits: 12-19 to 01-22] 		none[3] none:none
 MEW| none trace
22:43:00 Win2K-f 222.77.135.236 (163DATA.COM.CN):
CHINANET FUJIAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1922 hits: 11-22 to 01-22] 		none[3] none:none
 UPX| none trace
T:22:45:00 Win2K-f 119.15.253.22 (-):
. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 216ec67841
[Firefox:228 hits: 11-20 to 01-22] 		none[3] none:none
 StarForce| none trace
T:22:46:00 Win2K-f 196.2.194.77 (MENANET.NET):
AFRINIC,
CAIRO, AL QAHIRAH, EG. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 37 0784acb08f
[Firefox: 6 hits: 11-21 to 01-21] 		none[3] none:none
 UPX| none trace
T:22:51:00 Win2K-f 212.72.182.109 (EKB-KIESERLING.DE):
ARTFILES NEW MEDIA GMBH,
HAMBURG, HAMBURG, DE. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
22:59:00 Win2K-f 203.73.158.232 (HI-SQUARE.COM.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:23:06:00 Win2K-f 123.195.38.181 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:23:09:00 Win2K-f 200.110.183.50 (COM.AR):
COOPERATIVA RURAL ELECTRICA DE BRAGADO LTDA,
AR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:09:00 Win2K-f 59.113.158.169 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 fcb4920986
[Firefox:72 hits: 11-21 to 01-22] 		none[3] none:none
 UPX| none trace
23:11:00 Win2K-f 196.2.194.77 (MENANET.NET):
AFRINIC,
CAIRO, AL QAHIRAH, EG. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:20:00 Win2K-f 84.42.18.142 (TVER.RU):
MSS TVER REGION,
RU. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:40:00 Win2K-f 91.189.105.21 (-):
TRIDENT MEDIGUARD,
FR. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:23:42:00 Win2K-f 121.120.77.97 (MAXIS.NET.MY):
MAXIS COMMUNICATIONS BHD,
MY. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1722 hits: 11-24 to 01-22] 		none[3] none:none
 UPX| none trace
T:23:43:00 Win2K-f 217.65.93.90 (RUNEXT.COM):
PROVIDER LOCAL REGISTRY,
RU. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:45:00 Win2K-f 212.72.182.109 (EKB-KIESERLING.DE):
ARTFILES NEW MEDIA GMBH,
HAMBURG, HAMBURG, DE. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:47:00 Win2K-f 119.77.204.243 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		139 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:23:52:00 Win2K-f 123.195.83.65 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:18950 hits: 11-20 to 01-22] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace