Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

28 January 2009
<prev>   <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.


Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]
Time
 		Victim
OS
 		Infection
Source
 		C&C
Server
 		DNS Lookups &
Failed Connects 		Infection
Port
 		Packet
Trace
 		Detection
Signatures
 		Infection
Chatter
 		BotHunter
Analysis
 		Behavioral
Cluster
 		Forensic
Logs
 		Antivirus
Labels
 		Packed Malware_Binary Unpacked egg.exe
 		Unpacked egg.asm
 		Packer PEID
 		Data Strings
 		Syscall Trace
00:11:00 Win2K-f 59.105.92.185 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
00:16:00 Win2K-f 212.95.46.168 (-):
DEUTSCHES INTERNET-ZENTRUM AG,
DE. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1937 hits: 11-22 to 01-27] 		none[3] none:none
 UPX| none trace
T:00:21:00 Win2K-f 189.43.21.212 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 216ec67841
[Firefox:232 hits: 11-20 to 01-27] 		none[3] none:none
 StarForce| none trace
T:00:21:00 Win2K-f 38.103.173.232 (COGENTCO.COM):
PERFORMANCE SYSTEMS INTERNATIONAL INC,
WASHINGTON, DISTRICT OF COLUMBIA, US. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:00:22:00 Win2K-f 122.118.229.248 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1037 hits: 11-30 to 01-27] 		none[3] none:none
 StarForce| none trace
00:28:00 Win2K-f 117.42.248.234 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 917c085aca
[Firefox:455 hits: 11-25 to 01-27] 		none[3] none:none
 Armadillo| none trace
00:36:00 Win2K-f 89.19.15.106 (CIZGIBILGISAYAR.COM):
CIZGI BILGISAYAR SISTEMLERI SAN. TIC. LTD. STI,
TR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
00:45:00 Win2K-f 203.69.99.6 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1937 hits: 11-22 to 01-27] 		none[3] none:none
 UPX| none trace
00:45:00 Win2K-f 200.108.220.203 (DEDICADO.COM.UY):
TECNOWIND S.A,
BUENOS AIRES, BUENOS AIRES, AR. 		n/a US:www.maxmind.com
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1756 hits: 11-24 to 01-27] 		none[3] none:none
 UPX| none trace
T:00:47:00 Win2K-f 69.25.139.71 (PNAP.NET):
NETUPDATE INC,
BELLEVUE, WASHINGTON, US. (100Mbps) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
00:48:00 Win2K-f 200.51.199.57 (COM.AR):
ADVANCE TELECOMUNICACIONES S.A,
MAR DEL PLATA, BUENOS AIRES, AR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:00:50:00 Win2K-f 210.3.177.213 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:00:58:00 Win2K-f 89.19.15.106 (CIZGIBILGISAYAR.COM):
CIZGI BILGISAYAR SISTEMLERI SAN. TIC. LTD. STI,
TR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:00:58:00 Win2K-f 213.33.10.209 (TELEKOM.AT):
HIGHWAY CUSTOMERS,
VIENNA, WIEN, AT. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
00:59:00 Win2K-f 202.73.46.126 (VQBN.COM):
VIEWQWEST PTE LTD INTERNET SERVICE PROVIDER SINGAPORE,
SINGAPORE, SINGAPORE, SG. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:01:00:00 Win2K-f 94.76.213.228 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
01:06:00 Win2K-f 77.39.4.234 (STV.RU):
ELECTROSVYAZ STAVROPOL TERRITORY BRANCH OF PJSC UTK,
RU. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
01:11:00 Win2K-f 189.72.170.234 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
01:26:00 Win2K-f 94.76.213.228 (-):
. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:01:27:00 Win2K-f 117.42.248.234 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 917c085aca
[Firefox:455 hits: 11-25 to 01-27] 		none[3] none:none
 Armadillo| none trace
T:01:35:00 Win2K-f 202.73.46.126 (VQBN.COM):
VIEWQWEST PTE LTD INTERNET SERVICE PROVIDER SINGAPORE,
SINGAPORE, SINGAPORE, SG. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:01:40:00 Win2K-f 200.72.253.233 (MAIL.DCS.CL):
ENTEL CHILE S.A,
SANTIAGO, REGION METROPOLITANA, CL. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 409ef22885
[Firefox:870 hits: 11-22 to 01-27] 		none[3] none:none
 UPX| none trace
01:42:00 Win2K-f 211.75.71.243 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
01:43:00 Win2K-f 124.8.153.103 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		6 of 37 13e15a653e
[Firefox:45 hits: 11-21 to 01-21] 		none[3] none:none
 UPX| none trace
01:50:00 Win2K-f 114.47.37.105 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:01:53:00 Win2K-f 92.48.74.75 (IKBCC.COM):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:01:56:00 Win2K-f 87.97.207.201 (GGBIT.NET):
EKK CATV PLOVDIV,
PLOVDIV, PLOVDIV, BG. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
01:58:00 Win2K-f 87.97.207.201 (GGBIT.NET):
EKK CATV PLOVDIV,
PLOVDIV, PLOVDIV, BG. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
02:01:00 Win2K-f 114.121.75.245 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1756 hits: 11-24 to 01-27] 		none[3] none:none
 UPX| none trace
T:02:08:00 Win2K-f 96.52.129.133 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:02:08:00 Win2K-f 70.77.113.128 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
02:11:00 Win2K-f 211.22.177.25 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
02:12:00 Win2K-f 190.220.124.57 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1756 hits: 11-24 to 01-27] 		none[3] none:none
 UPX| none trace
T:02:16:00 Win2K-f 96.10.203.114 (-):
. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
02:22:00 Win2K-f 189.43.21.212 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 216ec67841
[Firefox:232 hits: 11-20 to 01-27] 		none[3] none:none
 StarForce| none trace
02:30:00 Win2K-f 151.9.141.102 (46-151.NET24.IT):
INFOSTRADA-CUSTOMERS,
IT. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:02:32:00 Win2K-f 200.112.151.199 (NET.AR):
BROADBANDTECH S. A,
AR. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
T:02:34:00 Win2K-f 69.162.64.216 (-):
. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:02:51:00 Win2K-f 190.137.19.23 (NET.AR):
APOLO -GOLD-TELECOM-PER,
AR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
02:56:00 Win2K-f 190.137.19.23 (NET.AR):
APOLO -GOLD-TELECOM-PER,
AR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:02:59:00 Win2K-f 122.118.53.31 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:03:11:00 Win2K-f 117.39.78.170 (163DATA.COM.CN):
CHINANET SHANXI(SN) PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:555 hits: 11-26 to 01-27] 		none[3] none:none
 Armadillo| none trace
03:23:00 Win2K-f 118.166.238.114 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:03:24:00 Win2K-f 200.181.30.2 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:03:32:00 Win2K-f 59.105.20.79 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
03:33:00 Win2K-f 66.90.103.211 (ON-DEMAND-TECH.COM):
FDC SERVERS.NET LLC,
CHICAGO, ILLINOIS, US. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 4e6c4dd8b1
[Firefox:50 hits: 11-25 to 01-26] 		none[3] none:none
 StarForce| none trace
T:03:35:00 Win2K-f 59.113.114.1 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:03:58:00 Win2K-f 125.127.181.74 (163DATA.COM.CN):
CHINANET-ZJ TAIZHOU NODE NETWORK,
CN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
04:00:00 Win2K-f 91.90.10.92 (SOBORKA.NET):
LSP SOBORKA.NET,
ODESSA, ODES'KA OBLAST, UA. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
04:02:00 Win2K-f 200.112.151.199 (NET.AR):
BROADBANDTECH S. A,
AR. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
T:04:04:00 Win2K-f 87.97.208.215 (GGBIT.NET):
EKK CATV PLOVDIV,
PLOVDIV, PLOVDIV, BG. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:555 hits: 11-26 to 01-27] 		none[3] none:none
 Armadillo| none trace
04:28:00 Win2K-f 200.181.30.2 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
04:55:00 Win2K-f 124.115.126.144 (163DATA.COM.CN):
CHINANET SHANXI(SN) PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
T:04:58:00 Win2K-f 80.92.188.82 (-):
RAILWAYTELECOM,
GE. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1937 hits: 11-22 to 01-27] 		none[3] none:none
 UPX| none trace
T:05:04:00 Win2K-f 114.47.193.79 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1937 hits: 11-22 to 01-27] 		none[3] none:none
 UPX| none trace
T:05:26:00 Win2K-f 186.9.152.57 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
05:28:00 Win2K-f 78.39.199.10 (-):
INFORMATION TECHNOLOGY COMPANY (ITC),
IR. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1937 hits: 11-22 to 01-27] 		none[3] none:none
 UPX| none trace
05:30:00 Win2K-f 190.153.120.253 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1756 hits: 11-24 to 01-27] 		none[3] none:none
 UPX| none trace
05:40:00 Win2K-f 125.127.181.74 (163DATA.COM.CN):
CHINANET-ZJ TAIZHOU NODE NETWORK,
CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:05:47:00 Win2K-f 89.179.43.102 (CORBINA.RU):
BROADBAND CUSTOMERS IN ST. PETERSBURG,
RU. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
06:08:00 Win2K-f 89.179.43.102 (CORBINA.RU):
BROADBAND CUSTOMERS IN ST. PETERSBURG,
RU. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:06:25:00 Win2K-f 210.17.228.100 (PACIFIC.NET.HK):
TMH_FM,
HONG KONG, HONG KONG (SAR), HK. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
06:32:00 Win2K-f 174.36.193.117 (-):
. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
06:44:00 Win2K-f 210.92.69.61 (BORA.NET):
BORANET-NET,
SEOUL, KYONGGI-DO, KR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1937 hits: 11-22 to 01-27] 		none[3] none:none
 UPX| none trace
06:50:00 Win2K-f 190.55.160.160 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1756 hits: 11-24 to 01-27] 		none[3] none:none
 UPX| none trace
T:06:56:00 Win2K-f 200.80.208.25 (TECHTELNET.NET):
TECHTEL LMDS COMUNICACIONES INTERACTIVAS S.A,
LA PLATA, BUENOS AIRES, AR. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
07:15:00 Win2K-f 89.29.140.38 (NOT-ASSIGNED.TVALMANSA.ES):
TV ALMANSA ALMANSA INFRAESTRUCTURE/ACCESS,
ES. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 bd35d4d98f
[Firefox:63 hits: 11-27 to 01-20] 		none[3] none:none
 Armadillo| none trace
07:18:00 Win2K-f 61.143.38.155 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:07:21:00 Win2K-f 78.8.138.28 (NET.PL):
DIALOG,
WROCLAW, DOLNOSLASKIE, PL. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:555 hits: 11-26 to 01-27] 		none[3] none:none
 Armadillo| none trace
07:30:00 Win2K-f 78.107.15.156 (CORBINA.NET):
INVESTELEKTROSVIAZ LTD,
RU. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:07:41:00 Win2K-f 66.199.235.242 (EZZI.NET):
EZZI.NET,
CHANTILLY, VIRGINIA, US. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:07:44:00 Win2K-f 190.136.146.105 (NET.AR):
APOLO -GOLD-TELECOM-PER,
AR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:07:48:00 Win2K-f 210.92.69.61 (BORA.NET):
BORANET-NET,
SEOUL, KYONGGI-DO, KR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1937 hits: 11-22 to 01-27] 		none[3] none:none
 UPX| none trace
07:57:00 Win2K-f 190.136.146.105 (NET.AR):
APOLO -GOLD-TELECOM-PER,
AR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
08:01:00 Win2K-f 62.120.29.70 (-):
EUNET,
FR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
08:14:00 Win2K-f 59.117.141.42 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
08:17:00 Win2K-f 66.199.235.242 (EZZI.NET):
EZZI.NET,
CHANTILLY, VIRGINIA, US. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:08:27:00 Win2K-f 61.58.107.14 (UBBN.NET):
UNION CABLE TV CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 223d8089f8
[Firefox:788 hits: 11-21 to 01-27] 		none[3] none:none
 StarForce| none trace
08:27:00 Win2K-f 122.121.213.130 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:08:31:00 Win2K-f 202.59.137.252 (SQUAREGROUP.COM):
SQUARE INFORMATIX LTD,
DHAKA, DHAKA, BD. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
08:41:00 Win2K-f 62.103.30.11 (ONDSL.GR):
MULTIPROTOCOL SERVICE PROVIDER TO OTHER ISP'S AND END USERS,
ATHENS, ATTIKI, GR. (DSL) 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Argh : 0.3
profile 		none summary
tarball 		none none none none none none none
T:08:43:00 Win2K-f 60.49.73.147 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
BATU PAHAT, JOHOR, MY. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:08:45:00 Win2K-f 61.143.38.155 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
08:49:00 Win2K-f 60.49.73.147 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
BATU PAHAT, JOHOR, MY. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
08:50:00 Win2K-f 200.68.97.105 (IPLANNETWORKS.NET):
NSS S.A,
CORDOBA, CORDOBA, AR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1037 hits: 11-30 to 01-27] 		none[3] none:none
 StarForce| none trace
T:09:02:00 Win2K-f 208.98.1.44 (SHARKTECH.NET):
SHARKTECH INTERNET SERVICES,
MISSOULA, MONTANA, US. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:09:06:00 Win2K-f 76.76.97.194 (EXISTSERVERS.COM):
INTERWEB MEDIA,
QUEBEC, CA. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:09:33:00 Win2K-f 189.23.38.239 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
NATAL, RIO GRANDE DO NORTE, BR. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
09:36:00 Win2K-f 208.98.1.44 (SHARKTECH.NET):
SHARKTECH INTERNET SERVICES,
MISSOULA, MONTANA, US. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:09:41:00 Win2K-f 61.229.147.21 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
09:47:00 Win2K-f 59.112.248.238 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:09:47:00 Win2K-f 212.62.123.168 (-):
ICCSOLUTIONS,
SA. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
09:49:00 Win2K-f 190.64.3.98 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. (DIAL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1756 hits: 11-24 to 01-27] 		none[3] none:none
 UPX| none trace
T:09:52:00 Win2K-f 196.2.194.55 (MENANET.NET):
AFRINIC,
CAIRO, AL QAHIRAH, EG. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 37 41b6106f52
[Firefox:10 hits: 11-22 to 01-13] 		none[3] none:none
 UPX| none trace
T:09:58:00 Win2K-f 189.58.148.103 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1756 hits: 11-24 to 01-27] 		none[3] none:none
 UPX| none trace
10:03:00 Win2K-f 92.48.119.37 (IKBCC.COM):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:10:11:00 Win2K-f 89.29.140.38 (NOT-ASSIGNED.TVALMANSA.ES):
TV ALMANSA ALMANSA INFRAESTRUCTURE/ACCESS,
ES. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 bd35d4d98f
[Firefox:63 hits: 11-27 to 01-20] 		none[3] none:none
 Armadillo| none trace
10:14:00 Win2K-f 122.121.162.53 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:10:24:00 Win2K-f 86.34.128.205 (ROMTELECOM.NET):
ROMTELECOM DATA NETWORK,
RO. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:10:25:00 Win2K-f 92.48.119.37 (IKBCC.COM):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:10:40:00 Win2K-f 200.68.97.105 (IPLANNETWORKS.NET):
NSS S.A,
CORDOBA, CORDOBA, AR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1037 hits: 11-30 to 01-27] 		none[3] none:none
 StarForce| none trace
T:10:44:00 Win2K-f 190.128.1.254 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 37 4f88618d4f
[Firefox:111 hits: 11-29 to 01-26] 		none[3] none:none
 UPX| none trace
T:10:56:00 Win2K-f 122.121.162.53 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:10:58:00 Win2K-f 189.123.168.0 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1756 hits: 11-24 to 01-27] 		none[3] none:none
 UPX| none trace
11:03:00 Win2K-f 66.90.104.250 (MM-NEWS.NET):
FDC SERVERS.NET LLC,
RALEIGH, NORTH CAROLINA, US. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
11:06:00 Win2K-f 189.123.168.0 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1756 hits: 11-24 to 01-27] 		none[3] none:none
 UPX| none trace
T:11:23:00 Win2K-f 59.112.248.238 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:11:23:00 Win2K-f 200.110.172.52 (-):
CABLE UNIN DE OCCIDENTE,
PEREIRA, RISARALDA, CO. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:11:42:00 Win2K-f 78.82.253.85 (TELENOR.SE):
TELENOR BUSINESS SOLUTION AB,
SE. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
11:45:00 Win2K-f 64.76.3.170 (NET.AR):
IMPSAT ARGENTINA,
AR. (100Mbps) 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 223d8089f8
[Firefox:788 hits: 11-21 to 01-27] 		none[3] none:none
 StarForce| none trace
T:11:46:00 Win2K-f 221.120.123.74 (SINGNET.COM.SG):
SINGAPORE TELECOMMUNICATIONS LTD,
SG. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:11:50:00 Win2K-f 218.75.13.106 (-):
XIANJU DONGFANG HOTEL,
DONGFANG, ZHEJIANG, CN. (100Mbps) 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:11:56:00 Win2K-f 186.9.171.202 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
11:59:00 Win2K-f 189.83.49.130 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:12:07:00 Win2K-f 194.97.241.122 (PPPOOL.DE):
FREENET CITYLINE GMBH,
DE. (DIAL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 223d8089f8
[Firefox:788 hits: 11-21 to 01-27] 		none[3] none:none
 StarForce| none trace
12:10:00 Win2K-f 203.70.152.127 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 223d8089f8
[Firefox:788 hits: 11-21 to 01-27] 		none[3] none:none
 StarForce| none trace
12:12:00 Win2K-f 87.97.202.47 (GGBIT.NET):
EKK CATV PLOVDIV,
PLOVDIV, PLOVDIV, BG. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
12:12:00 Win2K-f 186.9.139.218 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:12:12:00 Win2K-f 84.228.109.217 (INTER.NET.IL):
SMILE INTERNET GOLD,
JERUSALEM, YERUSHALAYIM (JERUSALEM), IL. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
T:12:25:00 Win2K-f 118.232.48.127 (-):
. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:12:26:00 Win2K-f 186.9.139.218 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
12:26:00 Win2K-f 122.26.153.82 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:12:29:00 Win2K-f 81.12.9.53 (-):
PIROOZ,
IR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1037 hits: 11-30 to 01-27] 		none[3] none:none
 StarForce| none trace
12:30:00 Win2K-f 119.96.157.207 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1756 hits: 11-24 to 01-27] 		none[3] none:none
 UPX| none trace
12:42:00 Win2K-f 81.12.9.53 (-):
PIROOZ,
IR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1037 hits: 11-30 to 01-27] 		none[3] none:none
 StarForce| none trace
12:43:00 Win2K-f 84.228.109.217 (INTER.NET.IL):
SMILE INTERNET GOLD,
JERUSALEM, YERUSHALAYIM (JERUSALEM), IL. 		n/a   445 pcap raw alerts
ruleset 		http
2 lines 		Argh : 0.3
profile 		none summary
tarball 		none none none none none none none
12:45:00 Win2K-f 77.57.196.34 (SOLPA.NET):
CABLECOM,
CH. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:12:56:00 Win2K-f 200.165.210.118 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 917c085aca
[Firefox:455 hits: 11-25 to 01-27] 		none[3] none:none
 Armadillo| none trace
T:13:03:00 WinXP 173.28.203.163 (-):
. 		n/a RU:citi-bank.ru 445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		26 of 28 7d99b0e910
[Firefox:1039 hits: 05-01 to 01-16] 		none[0] none:none
 PolyEnE| lines=68 trace
13:09:00 Win2K-f 82.99.254.34 (-):
PARSONLINE CORP,
TEHRAN, TEHRAN, IR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1937 hits: 11-22 to 01-27] 		none[3] none:none
 UPX| none trace
T:13:16:00 Win2K-f 190.51.92.24 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
13:22:00 Win2K-f 125.224.51.34 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
13:24:00 Win2K-f 200.71.98.112 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:13:31:00 Win2K-f 125.224.51.34 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
13:34:00 Win2K-f 211.20.204.168 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
13:36:00 Win2K-f 83.97.238.20 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
13:44:00 Win2K-f 118.232.48.127 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:13:50:00 Win2K-f 190.0.78.216 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1937 hits: 11-22 to 01-27] 		none[3] none:none
 UPX| none trace
13:51:00 Win2K-f 209.105.146.64 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1756 hits: 11-24 to 01-27] 		none[3] none:none
 UPX| none trace
T:13:52:00 Win2K-f 201.89.88.140 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
13:59:00 Win2K-f 203.67.156.162 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:14:00:00 Win2K-f 189.83.49.130 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
14:08:00 Win2K-f 203.67.49.253 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:14:10:00 Win2K-f 77.23.183.73 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
14:11:00 Win2K-f 78.82.253.85 (TELENOR.SE):
TELENOR BUSINESS SOLUTION AB,
SE. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
14:12:00 Win2K-f 190.0.78.216 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1937 hits: 11-22 to 01-27] 		none[3] none:none
 UPX| none trace
14:32:00 Win2K-f 59.115.79.182 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:14:34:00 Win2K-f 203.67.156.162 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:14:36:00 Win2K-f 201.173.10.173 (IFXNW.COM.MX):
NETWORK INFORMATION CENTER MEXICO,
MX. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1037 hits: 11-30 to 01-27] 		none[3] none:none
 StarForce| none trace
14:38:00 Win2K-f 201.173.10.173 (IFXNW.COM.MX):
NETWORK INFORMATION CENTER MEXICO,
MX. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1037 hits: 11-30 to 01-27] 		none[3] none:none
 StarForce| none trace
14:49:00 Win2K-f 67.112.174.28 (PACBELL.NET):
WEINGART CENTER ASSOC,
SAN FRANCISCO, CALIFORNIA, US. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:14:55:00 Win2K-f 200.75.227.128 (CABLEONDA.NET):
CABLE ONDA,
PANAMA CITY, PANAMA, PA. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1756 hits: 11-24 to 01-27] 		none[3] none:none
 UPX| none trace
T:14:58:00 Win2K-f 116.59.135.8 (-):
MOBILE BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:15:02:00 Win2K-f 82.99.254.34 (-):
PARSONLINE CORP,
TEHRAN, TEHRAN, IR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1937 hits: 11-22 to 01-27] 		none[3] none:none
 UPX| none trace
15:16:00 Win2K-f 125.228.249.62 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:15:24:00 Win2K-f 186.0.34.39 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:15:25:00 Win2K-f 190.90.110.159 (EQUITEL.COM.CO):
INTERNEXA S.A. E.S.P,
CO. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1037 hits: 11-30 to 01-27] 		none[3] none:none
 StarForce| none trace
15:27:00 Win2K-f 72.9.99.34 (EZZI.NET):
EZZI.NET,
NEW YORK, NEW YORK, US. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:15:35:00 Win2K-f 83.97.238.20 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:15:48:00 WinXP 68.146.31.201 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. (DSL) 		89.208.35.28:80 RU:citi-bank.ru 445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 1.3
profile 		none summary
tarball 		32 of 32 5818023061
[Firefox: 8 hits: 10-26 to 11-20] 		a227e5e49d [0] ASM:Graph
 PolyEnE| lines=68 trace
T:16:02:00 Win2K-f 190.208.92.107 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
16:05:00 Win2K-f 186.0.34.39 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:08:00 Win2K-f 72.9.99.34 (EZZI.NET):
EZZI.NET,
NEW YORK, NEW YORK, US. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:16:00 Win2K-f 62.82.120.124 (AUNA.NET):
AUNA S.A.U,
BARCELONA, CATALUñA, ES. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 409ef22885
[Firefox:870 hits: 11-22 to 01-27] 		none[3] none:none
 UPX| none trace
16:19:00 Win2K-f 151.9.89.62 (46-151.NET24.IT):
INFOSTRADA-CUSTOMERS,
PADOVA, VENETO, IT. (100Mbps) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:21:00 Win2K-f 81.13.191.55 (-):
IP DHCP,
SION, VALAIS, CH. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
16:28:00 Win2K-f 87.102.153.140 (INTERGGA.CH):
BREITBAND.CH CABLETV INTERNET,
CH. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:30:00 Win2K-f 122.118.241.143 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
16:37:00 Win2K-f 81.9.129.227 (CM-81-9-134-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
16:39:00 Win2K-f 190.208.92.107 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:52:00 Win2K-f 122.118.228.241 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
16:57:00 Win2K-f 190.208.74.64 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
16:57:00 Win2K-f 69.162.64.220 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:17:03:00 Win2K-f 122.121.103.245 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
17:09:00 Win2K-f 190.246.204.7 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1937 hits: 11-22 to 01-27] 		none[3] none:none
 UPX| none trace
T:17:12:00 Win2K-f 190.208.74.64 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		6 of 37 13e15a653e
[Firefox:45 hits: 11-21 to 01-21] 		none[3] none:none
 UPX| none trace
17:13:00 Win2K-f 59.124.25.4 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:17:18:00 Win2K-f 190.97.159.167 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 37 2bb18aceee
[Firefox: 2 hits: 11-30 to 01-21] 		none[3] none:none
 UPX| none trace
17:21:00 Win2K-f 66.98.79.67 (CODETEL.NET.DO):
VERIZON DOMINICANA,
SANTIAGO, SANTIAGO, DO. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
T:17:25:00 Win2K-f 61.217.224.139 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
KAOHSIUNG, KAO-HSIUNG, TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1037 hits: 11-30 to 01-27] 		none[3] none:none
 StarForce| none trace
T:17:32:00 Win2K-f 218.40.122.103 (CATVNET.NE.JP):
CATV NETWORK SERVICES(STNET INCORPORATED),
HIMEJI, HYOGO, JP. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 409ef22885
[Firefox:870 hits: 11-22 to 01-27] 		none[3] none:none
 UPX| none trace
T:17:40:00 Win2K-f 200.49.19.199 (BSR1000.PAPNET.CL):
PLUG AND PLAY NET S.A,
CL. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		139 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 bd35d4d98f
[Firefox:63 hits: 11-27 to 01-20] 		none[3] none:none
 Armadillo| none trace
17:41:00 Win2K-f 220.175.183.20 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:17:47:00 Win2K-f 220.175.183.20 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
17:48:00 Win2K-f 190.224.196.65 (-):
. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
17:55:00 Win2K-f 210.24.8.125 (PACIFIC.NET.SG):
PACIFIC INTERNET LIMITED,
SG. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:17:57:00 Win2K-f 221.126.127.200 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
18:00:00 Win2K-f 200.49.19.199 (BSR1000.PAPNET.CL):
PLUG AND PLAY NET S.A,
CL. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 bd35d4d98f
[Firefox:63 hits: 11-27 to 01-20] 		none[3] none:none
 Armadillo| none trace
18:11:00 Win2K-f 125.224.88.167 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:16:00 Win2K-f 89.44.245.132 (-):
SC EUROCABLE SRL,
TIMISOARA, TIMIS, RO. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
18:17:00 Win2K-f 66.63.177.53 (IITALKED.INFO):
OC3 NETWORKS & WEB SOLUTIONS LLC,
CYNTHIANA, KENTUCKY, US. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:17:00 Win2K-f 220.133.54.170 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:31:00 Win2K-f 72.9.156.76 (LIVEHELPENGINE.COM):
TAILOR MADE SERVERS,
CARROLLTON, TEXAS, US. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1756 hits: 11-24 to 01-27] 		none[3] none:none
 UPX| none trace
18:32:00 Win2K-f 83.97.238.20 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:34:00 Win2K-f 125.224.88.167 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
18:43:00 Win2K-f 59.115.23.70 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
18:47:00 Win2K-f 61.217.224.139 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
KAOHSIUNG, KAO-HSIUNG, TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1037 hits: 11-30 to 01-27] 		none[3] none:none
 StarForce| none trace
18:48:00 Win2K-f 123.204.150.85 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:51:00 Win2K-f 190.220.94.17 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1756 hits: 11-24 to 01-27] 		none[3] none:none
 UPX| none trace
T:18:53:00 Win2K-f 122.118.241.143 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:19:06:00 Win2K-f 59.115.23.70 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
19:07:00 Win2K-f 190.54.196.103 (CHILESAT.NET):
TELMEX SERVICIOS EMPRESARIALES S.A,
CL. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 917c085aca
[Firefox:455 hits: 11-25 to 01-27] 		none[3] none:none
 Armadillo| none trace
T:19:13:00 Win2K-f 59.114.12.38 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
19:13:00 Win2K-f 59.114.12.38 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
19:14:00 Win2K-f 200.71.100.19 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
19:15:00 Win2K-f 221.126.127.200 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:19:18:00 Win2K-f 200.71.99.15 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
19:21:00 Win2K-f 122.122.113.214 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
19:26:00 Win2K-f 67.215.231.2 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:19:40:00 Win2K-f 119.77.237.48 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
19:45:00 Win2K-f 59.105.193.125 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
19:49:00 Win2K-f 202.122.17.179 (E-KARNET.NET):
SERVICE PROVIDER,
BANGALORE, KARNATAKA, IN. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:19:52:00 Win2K-f 60.53.110.156 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
SUNGAI PETANI, KEDAH, MY. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1756 hits: 11-24 to 01-27] 		none[3] none:none
 UPX| none trace
T:19:53:00 Win2K-f 201.253.4.146 (NET.AR):
APOLO -GOLD-TELECOM-PER,
AR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1756 hits: 11-24 to 01-27] 		none[3] none:none
 UPX| none trace
T:20:05:00 Win2K-f 200.71.100.19 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
20:06:00 Win2K-f 201.172.154.210 (MULTIMEDIOS.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MX. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		9 of 38 9877a58a9b
[Firefox: 2 hits: 12-19 to 01-03] 		none[3] none:none
 StarForce| none trace
T:20:09:00 Win2K-f 59.36.145.151 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
T:20:11:00 Win2K-f 122.169.109.152 (59.AIRTELBROADBAND.IN):
BHARTI INFOTEL LTD,
IN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		21 of 39 4e9e5ed248
NEW 		none[none] none:none
 none|none none none
20:15:00 Win2K-f 60.49.46.18 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
IPOH, PERAK, MY. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:20:21:00 Win2K-f 59.124.25.4 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:20:22:00 Win2K-f 203.73.71.107 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
20:22:00 Win2K-f 196.2.192.77 (MENANET.NET):
AFRINIC,
EG. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
20:30:00 Win2K-f 24.109.30.99 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
20:31:00 Win2K-f 60.53.110.156 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
SUNGAI PETANI, KEDAH, MY. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1756 hits: 11-24 to 01-27] 		none[3] none:none
 UPX| none trace
T:20:36:00 Win2K-f 117.22.205.146 (163DATA.COM.CN):
CHINANET SHANXI(SN) PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:20:37:00 Win2K-f 124.8.120.76 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:20:37:00 Win2K-f 193.43.17.24 (HONEYA.BDP.IT):
BIBLIOTECA DI DOCUMENTAZIONE PEDAGOGICA,
FIRENZE, TOSCANA, IT. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
20:40:00 Win2K-f 200.111.193.27 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
20:52:00 Win2K-f 122.169.109.152 (59.AIRTELBROADBAND.IN):
BHARTI INFOTEL LTD,
IN. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1937 hits: 11-22 to 01-27] 		none[3] none:none
 UPX| none trace
20:54:00 Win2K-f 67.159.23.2 (BGMEDIASERVER.COM):
FDC SERVERS.NET LLC,
CHICAGO, ILLINOIS, US. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:20:59:00 Win2K-f 59.55.5.170 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:21:05:00 Win2K-f 200.71.99.13 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:21:08:00 Win2K-f 58.65.172.34 (DSL.NET.PK):
MICRONET BROADBAND (PVT) LTD,
ISLAMABAD, ISLAMABAD, PK. (DSL) 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
21:17:00 Win2K-f 173.45.68.100 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
21:19:00 Win2K-f 203.73.71.107 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
T:21:20:00 Win2K-f 220.130.233.189 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAINAN, KAO-HSIUNG, TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1037 hits: 11-30 to 01-27] 		none[3] none:none
 StarForce| none trace
21:28:00 Win2K-f 193.43.17.24 (HONEYA.BDP.IT):
BIBLIOTECA DI DOCUMENTAZIONE PEDAGOGICA,
FIRENZE, TOSCANA, IT. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		139 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:21:30:00 Win2K-f 123.97.114.25 (HZ.ZJ.CN):
CHINANET ZHEJIANG PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 409ef22885
[Firefox:870 hits: 11-22 to 01-27] 		none[3] none:none
 UPX| none trace
T:21:33:00 Win2K-f 67.215.231.2 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
21:38:00 Win2K-f 190.208.70.40 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1756 hits: 11-24 to 01-27] 		none[3] none:none
 UPX| none trace
T:21:40:00 Win2K-f 173.45.68.100 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
21:46:00 Win2K-f 123.97.114.25 (HZ.ZJ.CN):
CHINANET ZHEJIANG PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 409ef22885
[Firefox:870 hits: 11-22 to 01-27] 		none[3] none:none
 UPX| none trace
21:46:00 Win2K-f 59.36.145.151 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
21:51:00 Win2K-f 200.7.99.234 (GENESISBCI.NET):
AP CELDA 1 - OTASSCA,
VE. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
21:53:00 Win2K-f 118.169.34.122 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:21:54:00 Win2K-f 219.91.73.157 (APOL.COM.TW):
ASIA PACIFIC ON-LINE SERVICES INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
22:00:00 Win2K-f 219.91.73.157 (APOL.COM.TW):
ASIA PACIFIC ON-LINE SERVICES INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:22:05:00 Win2K-f 203.189.68.253 (DPMCO.COM):
MTT NETWORK (PVT.) LTD,
LK. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:22:21:00 Win2K-f 62.33.125.138 (TRANSTELECOM.NET):
TRANS-TELECOM,
RU. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:22:26:00 Win2K-f 210.3.195.123 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 223d8089f8
[Firefox:788 hits: 11-21 to 01-27] 		none[3] none:none
 StarForce| none trace
22:29:00 Win2K-f 118.232.23.27 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
22:33:00 Win2K-f 59.125.206.92 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:22:39:00 Win2K-f 114.44.226.190 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
22:48:00 Win2K-f 114.40.21.65 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:22:48:00 Win2K-f 118.232.46.123 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:22:55:00 Win2K-f 219.91.95.156 (APOL.COM.TW):
ASIA PACIFIC ON-LINE SERVICES INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:22:55:00 Win2K-f 69.162.64.115 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:02:00 Win2K-f 218.163.187.137 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:23:06:00 Win2K-f 200.46.107.122 (PSINETPA.NET):
NET2NET CORP,
PANAMA CITY, PANAMA, PA. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:09:00 Win2K-f 200.71.99.15 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:16:00 Win2K-f 122.169.105.170 (122.AIRTELBROADBAND.IN):
ABTS-WEST-DSL-9376-MUM,
MUMBAI, MAHARASHTRA, IN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:17:00 Win2K-f 220.130.233.189 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAINAN, KAO-HSIUNG, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1037 hits: 11-30 to 01-27] 		none[3] none:none
 StarForce| none trace
T:23:23:00 Win2K-f 219.105.84.9 (ADACHI.NE.JP):
CABLE TELEVISION ADACHI CORP,
JP. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:23:25:00 Win2K-f 59.116.37.252 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:35:00 Win2K-f 220.175.189.199 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 409ef22885
[Firefox:870 hits: 11-22 to 01-27] 		none[3] none:none
 UPX| none trace
T:23:38:00 Win2K-f 119.77.173.171 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:39:00 Win2K-f 69.162.64.115 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:23:45:00 Win2K-f 220.175.189.199 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 409ef22885
[Firefox:870 hits: 11-22 to 01-27] 		none[3] none:none
 UPX| none trace
23:48:00 Win2K-f 91.99.98.30 (-):
PARS,
IR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:49:00 Win2K-f 200.46.107.122 (PSINETPA.NET):
NET2NET CORP,
PANAMA CITY, PANAMA, PA. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19207 hits: 11-20 to 01-27] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace