Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page


UNCENSORED PAGE


<Click here: to download BotHunter>

29 January 2009

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.


Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap] [Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]
Table columns (one record per infection event, cells listed in this order):
Time | Victim OS | Infection Source | C&C Server | DNS Lookups & Failed Connects | Infection Port | Packet Trace | Detection Signatures | Infection Chatter | BotHunter Analysis | Behavioral Cluster | Forensic Logs | Antivirus Labels | Packed Malware_Binary | Unpacked egg.exe | Unpacked egg.asm | Packer PEID | Data Strings | Syscall Trace
00:08:00 Win2K-f 121.13.214.10 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
2 of 37 d60e538e72
[Firefox:1950 hits: 11-22 to 01-28]
none[3] none:none
UPX| none trace
00:24:00 Win2K-f 81.52.165.158 (165-WIMAX.SLC.DZ):
SLC WIRELESS NETWORK,
DZ.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
00:32:00 Win2K-f 190.55.222.181 (-):
.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
00:38:00 Win2K-f 219.86.186.129 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:00:38:00 Win2K-f 124.11.168.212 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
7 of 37 7587773eea
[Firefox:1049 hits: 11-30 to 01-28]
none[3] none:none
StarForce| none trace
T:00:41:00 Win2K-f 122.116.156.36 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
01:07:00 Win2K-f 190.0.85.225 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
T:01:11:00 Win2K-f 66.90.103.23 (ON-DEMAND-TECH.COM):
FDC SERVERS.NET LLC,
CHICAGO, ILLINOIS, US.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:01:18:00 Win2K-f 189.55.220.190 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
01:21:00 Win2K-f 116.19.226.178 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
BEIJING, BEIJING, CN.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:01:23:00 Win2K-f 122.123.99.129 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:01:25:00 Win2K-f 212.59.11.78 (ZEBRA.LT):
LIETUVOS,
VILNIUS, VILNIAUS APSKRITIS, LT. (100Mbps)
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:01:28:00 Win2K-f 193.90.59.69 (BLUECOM.NO):
FOLLO ENERGIVERK AS SKI,
SON, AKERSHUS, NO.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:01:36:00 Win2K-f 219.86.186.129 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW.
n/a   445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
01:51:00 Win2K-f 91.189.104.237 (-):
TRIDENT MEDIGUARD,
FR.
n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:01:52:00 Win2K-f 59.172.68.169 (163DATA.COM.CN):
CHINANET HUBEI PROVINCE NETWORK,
WUHAN, HUBEI, CN.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
01:56:00 Win2K-f 66.117.7.11 (IMPLUX.NET):
IMPLUX LLC,
SAN DIEGO, CALIFORNIA, US. (100Mbps)
n/a US:www.maxmind.com
:checkip.dyndns.org
US:67.15.94.80:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:01:56:00 Win2K-f 190.139.77.71 (NET.AR):
TELECOM ARGENTINA S.A,
AR.
n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
02:17:00 Win2K-f 62.97.80.119 (IP-ZONE.COM):
OPCIONA-ES-NET,
SANTA CRUZ DE TENERIFE, CANARY ISLANDS, ES.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:02:19:00 Win2K-f 62.97.80.119 (IP-ZONE.COM):
OPCIONA-ES-NET,
SANTA CRUZ DE TENERIFE, CANARY ISLANDS, ES.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:02:22:00 Win2K-f 90.151.211.86 (PERMONLINE.RU):
OJSC URALSVYAZINFORM,
RU.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
02:23:00 Win2K-f 114.47.236.202 (-):
.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:67.15.94.80:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:02:37:00 Win2K-f 200.71.105.88 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
2 of 37 d60e538e72
[Firefox:1950 hits: 11-22 to 01-28]
none[3] none:none
UPX| none trace
02:44:00 Win2K-f 202.42.147.90 (-):
APPCO PTE LTD,
SG. (100Mbps)
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 917c085aca
[Firefox:459 hits: 11-25 to 01-28]
none[3] none:none
Armadillo| none trace
T:02:46:00 Win2K-f 95.133.45.56 (-):
.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
02:52:00 Win2K-f 82.106.156.123 (BUSINESS.TELECOMITALIA.IT):
TELECOM ITALIA WIRELINE SERVICES,
IT.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:02:54:00 Win2K-f 66.117.7.11 (IMPLUX.NET):
IMPLUX LLC,
SAN DIEGO, CALIFORNIA, US. (100Mbps)
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:03:02:00 Win2K-f 79.38.204.65 (SRC.ORG):
TELECOM ITALIA NET,
ROME, LAZIO, IT.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
2 of 37 d60e538e72
[Firefox:1950 hits: 11-22 to 01-28]
none[3] none:none
UPX| none trace
T:03:05:00 Win2K-f 114.47.236.202 (-):
.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:03:12:00 Win2K-f 69.162.64.220 (-):
.
n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
03:14:00 Win2K-f 62.68.48.141 (LTTNET.NET):
PROVIDER LOCAL REGISTRY,
TRIPOLI, TARABULUS, LY.
n/a   445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:03:15:00 Win2K-f 203.113.113.77 (TOTISP.NET):
TOT INTERNET SERVICE PROVIDER,
BANGKOK, KRUNG THEP MAHANAKHON, TH.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
03:22:00 Win2K-f 94.102.6.224 (-):
.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
03:27:00 Win2K-f 119.99.109.132 (-):
.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
03:29:00 Win2K-f 211.241.184.77 (KRLINE.NET):
KRNIC,
KR. (100Mbps)
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:03:34:00 Win2K-f 117.23.30.183 (163DATA.COM.CN):
CHINANET SHANXI(SN) PROVINCE NETWORK,
BEIJING, BEIJING, CN.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
03:38:00 Win2K-f 59.117.167.210 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:03:47:00 Win2K-f 91.189.104.237 (-):
TRIDENT MEDIGUARD,
FR.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
8 of 37 41b6106f52
[Firefox:11 hits: 11-22 to 01-28]
none[3] none:none
UPX| none trace
T:03:49:00 Win2K-f 202.42.147.90 (-):
APPCO PTE LTD,
SG. (100Mbps)
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 917c085aca
[Firefox:459 hits: 11-25 to 01-28]
none[3] none:none
Armadillo| none trace
03:51:00 Win2K-f 210.244.14.223 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL)
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:04:03:00 Win2K-f 210.244.14.223 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL)
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:04:09:00 Win2K-f 94.102.6.224 (-):
.
n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:04:19:00 Win2K-f 119.103.9.113 (-):
.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
7 of 37 7587773eea
[Firefox:1049 hits: 11-30 to 01-28]
none[3] none:none
StarForce| none trace
04:22:00 Win2K-f 59.117.171.218 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
04:27:00 Win2K-f 122.118.75.33 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:04:29:00 Win2K-f 122.118.75.33 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:04:33:00 Win2K-f 189.38.192.253 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
04:35:00 WinXP 78.172.73.238 (-):
TT ADSL-HUWAEI TTNET DYNAMIC_ACI,
ANKARA, ANKARA, TR.
n/a RU:citi-bank.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
35 of 36 6b3beaea1a
[Firefox:41 hits: 10-21 to 11-19]
none[none] none:none
none|none none none
04:36:00 Win2K-f 218.75.146.197 (-):
CHINANET-HN CHANGDE NODE NETWORK,
CHANGDE, HUNAN, CN.
n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:04:48:00 Win2K-f 211.20.47.86 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
05:12:00 Win2K-f 62.22.85.45 (-):
WEBMEDIA MADRID SPAIN,
MADRID, MADRID, ES.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
05:17:00 Win2K-f 117.23.30.183 (163DATA.COM.CN):
CHINANET SHANXI(SN) PROVINCE NETWORK,
BEIJING, BEIJING, CN.
n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:05:20:00 Win2K-f 218.75.146.197 (-):
CHINANET-HN CHANGDE NODE NETWORK,
CHANGDE, HUNAN, CN.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:05:34:00 Win2K-f 62.68.48.141 (LTTNET.NET):
PROVIDER LOCAL REGISTRY,
TRIPOLI, TARABULUS, LY.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:05:36:00 Win2K-f 212.37.166.178 (-):
INTRACOM,
UK.
n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
19 of 39 a1c93715b4
NEW
none[none] none:none
none|none none none
05:39:00 Win2K-f 201.33.23.130 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
n/a US:www.maxmind.com
:checkip.dyndns.org
US:67.15.94.80:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:05:50:00 Win2K-f 59.99.40.145 (10/24.BSNL.IN):
NIB (NATIONAL INTERNET BACKBONE),
DELHI, DELHI, IN.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
05:51:00 Win2K-f 62.162.177.195 (-):
ADSL IP SUBNET,
SKOPJE, ARACINOVO, MK.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
05:57:00 Win2K-f 125.88.105.38 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
BEIJING, BEIJING, CN.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
2 of 37 d60e538e72
[Firefox:1950 hits: 11-22 to 01-28]
none[3] none:none
UPX| none trace
06:13:00 Win2K-f 211.20.47.86 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
06:15:00 Win2K-f 78.153.240.46 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:06:24:00 Win2K-f 78.153.240.46 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
06:33:00 Win2K-f 61.47.57.117 (ICSPACE.NET):
PACIFIC INTERNET THAILAND,
TH.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:06:33:00 Win2K-f 58.27.224.163 (-):
NATIONAL WIMAX/IMS ENVIRONMENT,
PK.
n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:06:35:00 Win2K-f 125.88.105.38 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
BEIJING, BEIJING, CN.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
2 of 37 d60e538e72
[Firefox:1950 hits: 11-22 to 01-28]
none[3] none:none
UPX| none trace
T:06:41:00 Win2K-f 208.98.17.251 (SHARKTECH.NET):
SHARKTECH INTERNET SERVICES,
MISSOULA, MONTANA, US.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
06:43:00 Win2K-f 212.37.166.178 (-):
INTRACOM,
UK.
n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
2 of 37 d60e538e72
[Firefox:1950 hits: 11-22 to 01-28]
none[3] none:none
UPX| none trace
06:47:00 Win2K-f 211.20.47.73 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:06:59:00 Win2K-f 87.121.3.20 (-):
NETERRA-TELECABLENET-NET,
BG.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
4 of 37 8ce32ded17
[Firefox:558 hits: 11-26 to 01-28]
none[3] none:none
Armadillo| none trace
07:10:00 Win2K-f 117.69.44.113 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
8 of 38 4f6b51ea3b
[Firefox:228 hits: 12-19 to 01-27]
none[3] none:none
MEW| none trace
07:37:00 Win2K-f 208.98.17.251 (SHARKTECH.NET):
SHARKTECH INTERNET SERVICES,
MISSOULA, MONTANA, US.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
07:42:00 Win2K-f 87.121.3.20 (-):
NETERRA-TELECABLENET-NET,
BG.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
4 of 37 8ce32ded17
[Firefox:558 hits: 11-26 to 01-28]
none[3] none:none
Armadillo| none trace
07:52:00 Win2K-f 91.65.175.13 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:07:55:00 Win2K-f 124.81.42.242 (CARSURIN.COM):
PT INDOSAT MEGA MEDIA,
ID.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
07:55:00 Win2K-f 58.59.240.169 (163DATA.COM.CN):
CHINANET GUANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:08:06:00 Win2K-f 69.64.173.37 (ILAND.COM):
ILAND INTERNET SOLUTIONS CORPORATION,
US. (100Mbps)
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
08:19:00 Win2K-f 79.170.7.14 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
139 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:08:28:00 Win2K-f 200.118.250.118 (CABLE.NET.CO):
TV CABLE S.A,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. (DSL)
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:08:30:00 Win2K-f 59.115.189.147 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
08:34:00 Win2K-f 78.50.199.17 (ALICEDSL.DE):
HANSENET TELEKOMMUNIKATION GMBH,
HAMBURG, HAMBURG, DE. (DSL)
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 917c085aca
[Firefox:459 hits: 11-25 to 01-28]
none[3] none:none
Armadillo| none trace
08:37:00 Win2K-f 208.98.1.163 (SHARKTECH.NET):
SHARKTECH INTERNET SERVICES,
MISSOULA, MONTANA, US.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:08:51:00 Win2K-f 78.50.199.17 (ALICEDSL.DE):
HANSENET TELEKOMMUNIKATION GMBH,
HAMBURG, HAMBURG, DE. (DSL)
n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 917c085aca
[Firefox:459 hits: 11-25 to 01-28]
none[3] none:none
Armadillo| none trace
09:09:00 Win2K-f 59.162.169.121 (VSNL.NET.IN):
VIDESH SANCHAR NIGAM LTD - INDIA,
HYDERABAD, ANDHRA PRADESH, IN.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
139 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
T:09:14:00 Win2K-f 125.116.41.86 (163DATA.COM.CN):
CHINANET-ZJ NINGBO NODE NETWORK,
NINGBO, ZHEJIANG, CN.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
09:16:00 Win2K-f 121.120.134.102 (MAXIS.NET.MY):
MAXIS COMMUNICATIONS BHD,
MY.
n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:09:17:00 Win2K-f 190.0.74.166 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
09:47:00 Win2K-f 122.118.210.18 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:09:50:00 Win2K-f 190.55.209.195 (-):
.
n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
09:50:00 Win2K-f 59.115.189.147 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
09:56:00 Win2K-f 186.9.149.176 (-):
.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
10:04:00 Win2K-f 92.41.64.167 (IKBCC.COM):
EU-ZZ,
UK.
n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
2 of 37 fcb4920986
[Firefox:74 hits: 11-21 to 01-27]
none[3] none:none
UPX| none trace
T:10:04:00 Win2K-f 190.138.104.199 (NET.AR):
TELECOM ARGENTINA S.A,
AR.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
4 of 37 8ce32ded17
[Firefox:558 hits: 11-26 to 01-28]
none[3] none:none
Armadillo| none trace
10:10:00 Win2K-f 78.139.154.70 (-):
CAUCASUS NETWORK LTD,
GE.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
10:25:00 Win2K-f 88.84.24.179 (-):
WASSER - UND ELEKTRIZITAETSWERK DER GEMEINDE BUCHS SG,
CH.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
10:37:00 Win2K-f 83.97.249.9 (CM-83-97-244-10.TELECABLE.ES):
TELECABLE,
ES. (DSL)
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
7 of 37 bd35d4d98f
[Firefox:67 hits: 11-27 to 01-28]
none[3] none:none
Armadillo| none trace
10:38:00 Win2K-f 190.51.119.215 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:10:44:00 Win2K-f 122.125.1.51 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
10:59:00 Win2K-f 190.138.104.199 (NET.AR):
TELECOM ARGENTINA S.A,
AR.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
4 of 37 8ce32ded17
[Firefox:558 hits: 11-26 to 01-28]
none[3] none:none
Armadillo| none trace
11:00:00 Win2K-f 203.67.56.127 (SEED.NET.TW):
DIGITAL UNITED INC,
TAINAN, KAO-HSIUNG, TW.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
11:08:00 Win2K-f 210.2.148.242 (DANCOM.NET.PK):
DANCOM ONLINE SERVICES (PVT.) LTD,
PK.
n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:11:08:00 Win2K-f 190.90.199.135 (EQUITEL.COM.CO):
INTERNEXA S.A. E.S.P,
CO.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:67.15.94.80:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
12 of 39 7dd3d8117a
NEW
none[none] none:none
none|none none none
T:11:22:00 Win2K-f 195.66.176.181 (-):
HOTEL CRNA GORA. A CATEGORY HOTEL IN PODGORICA MONTENEGRO,
CS. (100Mbps)
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
11:25:00 Win2K-f 190.3.122.69 (TECHTELNET.NET):
TECHTEL LMDS COMUNICACIONES INTERACTIVAS S.A,
AR.
n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
8 of 37 0784acb08f
[Firefox: 8 hits: 11-21 to 01-27]
none[3] none:none
UPX| none trace
11:25:00 Win2K-f 218.164.224.104 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:11:27:00 Win2K-f 78.83.197.15 (-):
TELENET LTD,
BG.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
11:38:00 Win2K-f 190.49.7.19 (COM.AR):
TELEFONICA DE ARGENTINA,
CIPOLLETTI, NEUQUEN, AR.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
7 of 37 7587773eea
[Firefox:1049 hits: 11-30 to 01-28]
none[3] none:none
StarForce| none trace
11:44:00 Win2K-f 91.189.104.166 (-):
TRIDENT MEDIGUARD,
FR.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:11:55:00 Win2K-f 218.164.224.104 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:12:01:00 Win2K-f 200.71.107.28 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO.
n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
12:05:00 Win2K-f 195.66.176.181 (-):
HOTEL CRNA GORA. A CATEGORY HOTEL IN PODGORICA MONTENEGRO,
CS. (100Mbps)
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:12:06:00 Win2K-f 190.90.206.128 (EQUITEL.COM.CO):
INTERNEXA S.A. E.S.P,
CO.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:12:07:00 Win2K-f 222.60.16.242 (HERBALQC.COM):
CHINA RAILWAY TELECOMMUNICATIONS CENTER,
BEIJING, BEIJING, CN.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
12:22:00 Win2K-f 70.38.109.124 (-):
.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
12:24:00 Win2K-f 190.90.206.128 (EQUITEL.COM.CO):
INTERNEXA S.A. E.S.P,
CO.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:12:31:00 Win2K-f 201.172.62.124 (MULTIMEDIOS.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MX.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
7 of 37 7587773eea
[Firefox:1049 hits: 11-30 to 01-28]
none[3] none:none
StarForce| none trace
12:56:00 Win2K-f 81.12.9.17 (-):
PIROOZ,
IR.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:13:00:00 Win2K-f 61.59.237.216 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL)
n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
13:02:00 Win2K-f 201.172.62.124 (MULTIMEDIOS.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MX.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
7 of 37 7587773eea
[Firefox:1049 hits: 11-30 to 01-28]
none[3] none:none
StarForce| none trace
T:13:02:00 Win2K-f 81.12.9.17 (-):
PIROOZ,
IR.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:13:16:00 Win2K-f 200.35.213.203 (SUPERCABLE.NET.VE):
SUPERCABLE,
CARACAS, DISTRITO FEDERAL, VE. (DSL)
n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
7 of 37 7587773eea
[Firefox:1049 hits: 11-30 to 01-28]
none[3] none:none
StarForce| none trace
13:49:00 Win2K-f 190.128.72.80 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:13:52:00 Win2K-f 200.108.255.22 (DEDICADO.COM.UY):
TECNOWIND S.A,
MONTEVIDEO, MONTEVIDEO, UY.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
T:13:53:00 Win2K-f 80.4.22.249 (NTL.COM):
ASHFORD,
HARTLEPOOL, ENGLAND, UK. (DSL)
n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
13:59:00 Win2K-f 202.152.15.243 (-):
SAINATH INDUSTRIAL CORP LTD,
JAKARTA, JAKARTA RAYA (DJAKARTA RAYA), ID. (100Mbps)
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
14:01:00 Win2K-f 114.47.74.74 (-):
.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:14:16:00 Win2K-f 202.152.15.243 (-):
SAINATH INDUSTRIAL CORP LTD,
JAKARTA, JAKARTA RAYA (DJAKARTA RAYA), ID. (100Mbps)
n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:14:19:00 Win2K-f 209.17.186.13 (-):
AXION INTERNET COMMUNICATIONS,
VANCOUVER, BRITISH COLUMBIA, CA.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
2 of 37 409ef22885
[Firefox:877 hits: 11-22 to 01-28]
none[3] none:none
UPX| none trace
T:14:19:00 Win2K-f 194.170.32.66 (AC.AE):
HIGHER COLLEGES OF TECHNOLOGY,
ABU DHABI, ABU DHABI, AE.
n/a  
AE:194.170.32.66:4937
445 pcap raw alerts
ruleset
http
18 lines
Argh : 0.3
profile
none summary
tarball
none none none none none none none
T:14:27:00 Win2K-f 200.45.153.58 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. (DSL)
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
14:37:00 Win2K-f 201.30.189.109 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
14:44:00 Win2K-f 190.137.19.211 (NET.AR):
APOLO -GOLD-TELECOM-PER,
AR.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
T:14:45:00 Win2K-f 77.20.237.128 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:14:47:00 Win2K-f 59.116.99.193 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
14:49:00 Win2K-f 190.128.56.81 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:14:53:00 Win2K-f 58.97.35.105 (ASIANET.CO.TH):
FIX IP FOR COPORATE CUSTOMER,
TH.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:14:57:00 Win2K-f 190.48.137.251 (COM.AR):
TELEFONICA DE ARGENTINA,
AR.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
15:13:00 Win2K-f 62.118.171.66 (-):
MTU-CUST-DCA7739B,
MOSCOW, MOSKVA, RU. (100Mbps)
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
15:21:00 Win2K-f 61.67.135.41 (KBTELECOM.NET.TW):
KOOS BROADBAND TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:15:27:00 Win2K-f 190.49.112.54 (COM.AR):
TELEFONICA DE ARGENTINA,
MIRAMAR, BUENOS AIRES, AR. (DSL)
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
7 of 37 7587773eea
[Firefox:1049 hits: 11-30 to 01-28]
none[3] none:none
StarForce| none trace
T:15:41:00 Win2K-f 196.2.194.33 (MENANET.NET):
AFRINIC,
CAIRO, AL QAHIRAH, EG.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
15:45:00 Win2K-f 218.161.101.199 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
15:48:00 Win2K-f 210.11.197.29 (-):
TC & DM GIUFRE-SWEETSER PTY LTD,
AU.
n/a   445 pcap raw alerts
ruleset
http
1 line
Argh : 0.3
profile
none summary
tarball
none none none none none none none
T:15:55:00 Win2K-f 190.31.73.141 (NET.AR):
APOLO -GOLD-TELECOM-PER,
CORDOBA, CORDOBA, AR.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:16:02:00 Win2K-f 114.45.160.176 (-):
.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
16:14:00 Win2K-f 201.34.36.26 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:16:18:00 Win2K-f 218.161.101.199 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
T:16:29:00 Win2K-f 190.137.19.211 (NET.AR):
APOLO -GOLD-TELECOM-PER,
AR.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
T:16:32:00 Win2K-f 59.115.241.118 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
16:35:00 Win2K-f 190.2.58.209 (IPLANNETWORKS.NET):
NSS S.A,
AR.
n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
16:51:00 Win2K-f 190.220.49.56 (-):
.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
16:53:00 Win2K-f 190.7.101.84 (DIVEO.NET.CO):
DIVEO DE COLOMBIA LTDA,
CO.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
16:54:00 Win2K-f 218.175.148.225 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAINAN, KAO-HSIUNG, TW.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:16:55:00 Win2K-f 219.87.253.13 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW.
n/a US:www.maxmind.com
US:67.15.94.80:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:17:01:00 Win2K-f 114.41.6.50 (-):
.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
17:06:00 Win2K-f 217.64.242.110 (MACTELECOM.NET):
BIZ SOLUTIONS LAN,
BRUSSELS, BRUSSELS, BE. (100Mbps)
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:17:09:00 Win2K-f 114.44.135.112 (-):
.
n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:17:12:00 WinXP 130.15.190.187 (QUEENSU.CA):
QUEEN'S UNIVERSITY,
KINGSTON, ONTARIO, CA.
n/a   135 pcap raw alerts
ruleset
shell
ftp
16 lines
Yeah : 1.3
profile
none summary
tarball
33 of 36 15717cd327
[Firefox:12 hits: 11-05 to 12-28]
5b359cd0eb [0] ASM:Graph
PeCompact| lines=2438
embedded dns
trace
17:17:00 WinXP 130.13.8.56 (QWEST.NET):
QWEST BROADBAND SERVICES INC,
PHOENIX, ARIZONA, US.
n/a   135 pcap raw alerts
ruleset
shell
ftp
16 lines
Yeah : 1.3
profile
none summary
tarball
33 of 36 15717cd327
[Firefox:12 hits: 11-05 to 12-28]
5b359cd0eb [0] ASM:Graph
PeCompact| lines=2438
embedded dns
trace
17:24:00 Win2K-f 123.204.57.101 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL)
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
17:24:00 Win2K-f 92.46.144.170 (IKBCC.COM):
EU-ZZ,
UK.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
T:17:28:00 Win2K-f 59.104.39.122 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL)
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
17:29:00 Win2K-f 202.52.75.44 (TTL.COM.SG):
NETPLUS COMMUNICATIONS PTE LTD,
SINGAPORE, SINGAPORE, SG.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
8 of 38 4f6b51ea3b
[Firefox:228 hits: 12-19 to 01-27]
none[3] none:none
MEW| none trace
17:29:00 Win2K-f 195.24.193.19 (-):
CAMEROON TELECOMMUNICATIONS,
CM.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
2 of 37 fcb4920986
[Firefox:74 hits: 11-21 to 01-27]
none[3] none:none
UPX| none trace
T:17:37:00 Win2K-f 59.115.179.145 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:17:40:00 Win2K-f 116.9.113.71 (163DATA.COM.CN):
CHINANET GUANGXI PROVINCE NETWORK,
NANNING, GUANGXI, CN.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:17:45:00 Win2K-f 202.52.75.44 (TTL.COM.SG):
NETPLUS COMMUNICATIONS PTE LTD,
SINGAPORE, SINGAPORE, SG.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
8 of 38 4f6b51ea3b
[Firefox:228 hits: 12-19 to 01-27]
none[3] none:none
MEW| none trace
17:50:00 Win2K-f 190.165.47.182 (-):
EMTELSA S.A. E.S.P,
CO.
n/a   445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
17:50:00 Win2K-f 114.41.6.50 (-):
.
n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:17:50:00 Win2K-f 92.46.144.170 (IKBCC.COM):
EU-ZZ,
UK.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
17:51:00 Win2K-f 190.137.191.187 (NET.AR):
TELECOM ARGENTINA S.A,
AR.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:17:54:00 Win2K-f 190.220.117.20 (-):
.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
T:17:55:00 Win2K-f 200.50.169.222 (NET.AR):
INTERLINK S.R.L,
AR. (DSL)
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
T:18:07:00 Win2K-f 81.117.60.206 (BUSINESS.TELECOMITALIA.IT):
KEYPASS SRL,
OSIMO, MARCHE, IT. (100Mbps)
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
IT:151.13.203.156:2811
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
18:07:00 Win2K-f 190.8.102.193 (MANQUEHUE.NET):
MANQUEHUENET,
CL.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
18:10:00 Win2K-f 65.191.87.65 (RR.COM):
ROAD RUNNER HOLDCO LLC,
FAYETTEVILLE, NORTH CAROLINA, US.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
18:17:00 Win2K-f 200.114.30.130 (INTERCABLE.NET.CO):
TV CABLE PROMISION S.A,
BUCARAMANGA, SANTANDER, CO.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
2 of 37 d60e538e72
[Firefox:1950 hits: 11-22 to 01-28]
none[3] none:none
UPX| none trace
T:18:22:00 Win2K-f 92.46.174.18 (IKBCC.COM):
EU-ZZ,
UK.
n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:18:24:00 Win2K-f 114.47.65.114 (-):
.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
18:32:00 Win2K-f 92.46.174.18 (IKBCC.COM):
EU-ZZ,
UK.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
18:39:00 Win2K-f 222.89.235.42 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
BEIJING, BEIJING, CN.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:18:40:00 Win2K-f 125.126.220.163 (163DATA.COM.CN):
CHINANET-ZJ TAIZHOU NODE NETWORK,
CN.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
18:41:00 Win2K-f 190.220.117.20 (-):
.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
18:56:00 Win2K-f 64.62.191.21 (OPTISERVERS.COM):
ENERGY GROUP INC,
DOWNEY, CALIFORNIA, US.
n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
18:56:00 Win2K-f 122.55.94.99 (PLDT.NET):
IPG,
PH.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
19:07:00 Win2K-f 61.185.8.9 (163DATA.COM.CN):
CHINANET SHANXI(SN) PROVINCE NETWORK,
SHANGHAI, SHANGHAI, CN.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:19:12:00 Win2K-f 190.134.146.83 (-):
.
n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:19:15:00 Win2K-f 71.111.65.218 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
BEAVERTON, OREGON, US. (DSL)
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:19:19:00 Win2K-f 62.123.98.83 (DIAL.ATLANET.IT):
ATLANET NETWORK,
IT.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
7 of 37 7587773eea
[Firefox:1049 hits: 11-30 to 01-28]
none[3] none:none
StarForce| none trace
T:19:19:00 Win2K-f 92.51.70.22 (IKBCC.COM):
EU-ZZ,
UK.
n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
19:20:00 Win2K-f 59.104.39.122 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL)
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:19:26:00 Win2K-f 122.118.240.174 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
2 of 37 216ec67841
[Firefox:234 hits: 11-20 to 01-28]
none[3] none:none
StarForce| none trace
19:27:00 Win2K-f 81.117.60.206 (BUSINESS.TELECOMITALIA.IT):
KEYPASS SRL,
OSIMO, MARCHE, IT. (100Mbps)
n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
19:33:00 Win2K-f 122.100.115.115 (UBBN.NET):
UNION BROADBAND NETWORK,
TAIPEI, T'AI-PEI, TW.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:19:38:00 Win2K-f 190.228.65.32 (-):
.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:19:41:00 Win2K-f 65.97.184.109 (FDN.COM):
FDN.COM,
JUPITER, FLORIDA, US.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:19:50:00 Win2K-f 116.1.15.155 (MOLLINDUSTRIES.COM):
CHINANET GUANGXI PROVINCE NETWORK,
NANNING, GUANGXI, CN.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
19:57:00 Win2K-f 66.18.174.195 (TULAROSA.NET):
TULAROSA COMMUNICATIONS INC,
BURNSVILLE, MINNESOTA, US.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:19:58:00 Win2K-f 94.76.208.43 (-):
.
n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
3 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
19:59:00 Win2K-f 92.51.70.22 (IKBCC.COM):
EU-ZZ,
UK.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:20:10:00 Win2K-f 74.63.216.234 (-):
.
n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:20:12:00 Win2K-f 200.119.36.214 (ETB.NET.CO):
ETB - COLOMBIA,
SANTAFÉ DE BOGOTÁ, DISTRITO CAPITAL, CO. (DSL)
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
8 of 37 4f88618d4f
[Firefox:112 hits: 11-29 to 01-28]
none[3] none:none
UPX| none trace
T:20:13:00 Win2K-f 82.147.201.58 (-):
DIAL-360-POOL-201-WAN,
SA.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
20:13:00 Win2K-f 218.22.169.92 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
ANHUI, ANHUI, CN.
n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:20:18:00 Win2K-f 200.50.250.66 (-):
.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 917c085aca
[Firefox:459 hits: 11-25 to 01-28]
none[3] none:none
Armadillo| none trace
T:20:22:00 Win2K-f 186.9.14.57 (-):
.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
20:28:00 Win2K-f 190.9.3.145 (COM.AR):
COOPERATIVA TELEFONICA CARLOS TEJEDOR LTDA,
MAR DEL PLATA, BUENOS AIRES, AR.
n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
2 of 37 216ec67841
[Firefox:234 hits: 11-20 to 01-28]
none[3] none:none
StarForce| none trace
T:20:32:00 Win2K-f 88.61.231.98 (BUSINESS.TELECOMITALIA.IT):
INTERBUSINESS,
IT.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
20:40:00 Win2K-f 116.1.15.155 (MOLLINDUSTRIES.COM):
CHINANET GUANGXI PROVINCE NETWORK,
NANNING, GUANGXI, CN.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:20:42:00 Win2K-f 124.113.1.186 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN.
n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
20:53:00 Win2K-f 71.111.65.218 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
BEAVERTON, OREGON, US. (DSL)
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:20:55:00 Win2K-f 220.175.149.143 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
20:57:00 Win2K-f 93.156.179.233 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a   445 pcap raw alerts
ruleset
http
2 lines
Argh : 0.3
profile
none summary
tarball
none none none none none none none
T:21:07:00 Win2K-f 122.126.0.88 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:21:10:00 Win2K-f 122.100.115.115 (UBBN.NET):
UNION BROADBAND NETWORK,
TAIPEI, T'AI-PEI, TW.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
21:13:00 Win2K-f 88.61.231.98 (BUSINESS.TELECOMITALIA.IT):
INTERBUSINESS,
IT.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:21:13:00 Win2K-f 117.86.43.27 (163DATA.COM.CN):
CHINANET JIANGSU PROVINCE NETWORK,
BEIJING, BEIJING, CN.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
8 of 38 4f6b51ea3b
[Firefox:228 hits: 12-19 to 01-27]
none[3] none:none
MEW| none trace
T:21:15:00 Win2K-f 222.89.235.42 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
BEIJING, BEIJING, CN.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
21:17:00 Win2K-f 122.126.5.155 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:21:26:00 Win2K-f 119.125.160.116 (-):
.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
21:40:00 Win2K-f 220.175.149.143 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:21:53:00 Win2K-f 119.125.77.65 (-):
.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
21:59:00 Win2K-f 122.121.162.36 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:22:02:00 Win2K-f 93.156.179.233 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a US:www.maxmind.com
US:67.15.94.80:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
22:02:00 Win2K-f 83.97.238.20 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL)
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:22:02:00 Win2K-f 123.204.32.65 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL)
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
22:12:00 Win2K-f 122.126.0.88 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
22:21:00 Win2K-f 123.204.32.65 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL)
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:22:23:00 Win2K-f 66.18.13.19 (SPEAKEASY.NET):
US.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
22:27:00 Win2K-f 81.223.141.242 (INODE.AT):
KOLPINGHAUS WEIZ,
AT. (DSL)
n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 917c085aca
[Firefox:459 hits: 11-25 to 01-28]
none[3] none:none
Armadillo| none trace
T:22:27:00 Win2K-f 24.80.121.44 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
BURNABY, BRITISH COLUMBIA, CA. (DSL)
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
22:31:00 Win2K-f 151.118.197.213, 151.13.203.156 (INVALID IPV4 ADDRESS):
INVALID IPV4 ADDRESS (whois and geolocation lookups failed: the source field is not a single IPv4 address).
n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
22:39:00 Win2K-f 219.86.160.102 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
22:40:00 Win2K-f 203.73.164.10 (SEED.NET.TW):
DIGITAL UNITED INC,
TAINAN, KAO-HSIUNG, TW.
n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
22:40:00 WinXP 84.77.11.158 (YA.COM):
YA.COM INTERNET FACTORY,
BARCELONA, CATALUÑA, ES.
n/a   135 pcap raw alerts
ruleset
shell
ftp
16 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
22:44:00 Win2K-f 208.96.239.90 (CIMCOISP.NET):
CIMCO COMMUNICATIONS INC,
US.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:22:49:00 Win2K-f 211.20.201.15 (YY-YONYU.COM.TW):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:22:52:00 Win2K-f 115.88.60.213 (-):
.
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
22:58:00 Win2K-f 24.80.121.44 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
BURNABY, BRITISH COLUMBIA, CA. (DSL)
n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
22:59:00 Win2K-f 115.80.120.234 (-):
.
n/a   445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
22:59:00 Win2K-f 117.75.169.8 (-):
BEIJING KUANDAITONG TELECOM TECHNOLOGY CO. LTD,
BEIJING, GUANGDONG, CN.
n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:23:02:00 Win2K-f 87.57.219.75 (IP.TELE.DK):
TDC-TELEDANMARK-BREDBAANDSADSL-NET,
DK.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 dc331fb791
[Firefox:1774 hits: 11-24 to 01-28]
none[3] none:none
UPX| none trace
T:23:25:00 Win2K-f 59.114.211.156 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
23:35:00 Win2K-f 122.123.6.132 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
4 lines
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
T:23:39:00 Win2K-f 115.80.120.234 (-):
.
n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
7 of 37 7587773eea
[Firefox:1049 hits: 11-30 to 01-28]
none[3] none:none
StarForce| none trace
T:23:54:00 Win2K-f 118.140.38.78 (-):
.
n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
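The rows above are the flattened text rendering of the infection table whose column headings appear at the top of the page. The Python below is an added example, not code from the Cyber-TA page or from the BotHunter distribution: it parses records in exactly this flattened layout and aggregates them into counts a defender can pivot on, namely infections per (binary digest, packer), the hostnames resolved after infection, the ip:port pairs contacted, and the inbound infection port. The record layout it assumes is the one shown on this page (time and OS, source address with its reverse-DNS name in parentheses, an n/a C&C cell followed by the DNS lookups and failed connects, then the port line ending in "pcap raw alerts", the verdict-and-score line, the antivirus "N of M digest" line and the packer line). The two sample records are copied from this page's rows and embedded as constructed input, the field names are this example's own, and filler cells such as "ruleset", "profile" and "tarball" are skipped. It handles the two edge cases visible above: a row with no DNS activity, where the port follows n/a on the same line, and a row with no binary digest or packer.

```python
"""Parse flattened Cyber-TA/BotHunter infection rows into indicator counts (added example, not Cyber-TA code)."""
import re
from collections import Counter
# Constructed sample: two records copied verbatim from rows on this page. Field names below are this example's own.
SAMPLE = """\
17:06:00 Win2K-f 217.64.242.110 (MACTELECOM.NET):
BIZ SOLUTIONS LAN,
BRUSSELS, BRUSSELS, BE. (100Mbps)
n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
3 of 37 d9cb288f31
[Firefox:19388 hits: 11-20 to 01-28]
45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns
trace
20:57:00 Win2K-f 93.156.179.233 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a   445 pcap raw alerts
ruleset
http
2 lines
Argh : 0.3
profile
none summary
tarball
none none none none none none none
"""

IP = r'\d+\.\d+\.\d+\.\d+'
HEADER = re.compile(rf'^(?:T:)?(\d\d:\d\d:\d\d) (\S+) ({IP}(?:, {IP})?) \((.*)\):$')  # time OS source (rDNS):
PORT = re.compile(r'^(\d+) pcap raw alerts$')        # infection port cell
SCORE = re.compile(r'^(Yeah|Argh) : ([\d.]+)$')      # BotHunter verdict : score
AV = re.compile(r'^(\d+) of (\d+) ([0-9a-f]{10})$')  # AV hits of engines, binary digest
PACKER = re.compile(r'^(\w+)\|')                     # PEiD packer name

def parse_endpoint(token):
    """'US:204.13.249.70:80' -> ('US', '204.13.249.70', 80); ':getmyip.co.uk' -> ('', 'getmyip.co.uk', None)."""
    cc, m = '', re.match(r'^([A-Z]{2})?:(.*)$', token)  # optional country-code prefix
    if m:
        cc, token = m.group(1) or '', m.group(2)
    m = re.match(r'^(.*):(\d+)$', token)                 # trailing :port marks a connect attempt
    return (cc, m.group(1), int(m.group(2))) if m else (cc, token, None)

def parse_records(text):
    """Split the flattened table into one dict per infection row; filler cells are skipped."""
    records, rec, in_lookups = [], None, False
    for line in text.splitlines():
        line = line.strip()
        h = HEADER.match(line)
        if h:
            rec = dict(time=h.group(1), os=h.group(2), source=h.group(3), domain=h.group(4), lookups=[],
                       port=None, verdict=None, score=None, av_hits=None, av_total=None, digest=None, packer=None)
            records.append(rec)
            in_lookups = False
            continue
        if rec is None:
            continue
        if line.startswith('n/a'):  # C&C cell is n/a; lookups start on the same line, the port may too
            in_lookups, line = True, line[3:].strip()
        if (p := PORT.match(line)):
            rec['port'], in_lookups = int(p.group(1)), False
        elif in_lookups and line:
            rec['lookups'].append(parse_endpoint(line))
        elif (s := SCORE.match(line)):
            rec['verdict'], rec['score'] = s.group(1), float(s.group(2))
        elif (a := AV.match(line)):
            rec['av_hits'], rec['av_total'], rec['digest'] = int(a.group(1)), int(a.group(2)), a.group(3)
        elif (k := PACKER.match(line)):
            rec['packer'] = k.group(1)
    return records

def summarize(records):
    """Counts to pivot on: (digest, packer) per sample, hostnames looked up, ip:port connects, inbound port."""
    out = {k: Counter() for k in ('samples', 'hosts', 'connects', 'ports')}
    for r in records:
        out['samples'][(r['digest'] or 'none', r['packer'] or 'none')] += 1
        out['ports'][r['port']] += 1
        for _cc, host, port in r['lookups']:
            name, key = ('hosts', host) if port is None else ('connects', f'{host}:{port}')
            out[name][key] += 1
    return out

if __name__ == '__main__':
    print({k: dict(v) for k, v in summarize(parse_records(SAMPLE)).items()})
```

Run stand-alone it prints the four counters for the two embedded rows. Fed the whole day's table, the hosts counter shows how consistently the infected Win2K hosts resolve the same four external-address lookup services and then connect to the same handful of web servers on port 80, which is the kind of post-compromise fingerprint a network sensor can alert on independently of the exploit signature that fired on port 445.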