Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

30 January 2009
<prev>   <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.


Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]
Time
 		Victim
OS
 		Infection
Source
 		C&C
Server
 		DNS Lookups &
Failed Connects 		Infection
Port
 		Packet
Trace
 		Detection
Signatures
 		Infection
Chatter
 		BotHunter
Analysis
 		Behavioral
Cluster
 		Forensic
Logs
 		Antivirus
Labels
 		Packed Malware_Binary Unpacked egg.exe
 		Unpacked egg.asm
 		Packer PEID
 		Data Strings
 		Syscall Trace
T:00:08:00 Win2K-f 83.97.238.20 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
00:12:00 Win2K-f 203.62.155.2 (-):
ASSUMPTION COLLEGE THONBURI THAILAND EDUCATION COLLEGE,
TH. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
4 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:00:13:00 Win2K-f 202.51.102.50 (SOLUSI.NET.ID):
SOLUSI INTERNET SERVICE PROVIDER,
ID. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:00:20:00 Win2K-f 81.223.141.242 (INODE.AT):
KOLPINGHAUS WEIZ,
AT. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] 		none[3] none:none
 Armadillo| none trace
00:21:00 Win2K-f 125.115.195.224 (163DATA.COM.CN):
CHINANET-ZJ NINGBO NODE NETWORK,
NINGBO, ZHEJIANG, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:64.246.48.99:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
3 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:00:22:00 Win2K-f 78.38.78.118 (-):
INFORMATION TECHNOLOGY COMPANY (ITC),
IR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
00:23:00 Win2K-f 83.221.67.86 (PRIMACOM.NET):
PRIMACOM-HEADENDS,
LEIPZIG, SACHSEN, DE. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:64.246.48.99:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
3 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] 		none[3] none:none
 Armadillo| none trace
00:26:00 Win2K-f 60.179.161.121 (163DATA.COM.CN):
CHINANET-ZJ NINGBO NODE NETWORK,
NINGBO, ZHEJIANG, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
4 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:00:29:00 Win2K-f 84.126.148.163 (ONO.COM):
PROVIDER LOCAL REGISTRY,
ES. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
T:00:32:00 Win2K-f 124.8.93.157 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:00:34:00 Win2K-f 125.115.195.224 (163DATA.COM.CN):
CHINANET-ZJ NINGBO NODE NETWORK,
NINGBO, ZHEJIANG, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
00:46:00 Win2K-f 118.140.38.78 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
4 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
00:47:00 Win2K-f 122.120.33.252 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
4 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:00:54:00 Win2K-f 60.179.161.121 (163DATA.COM.CN):
CHINANET-ZJ NINGBO NODE NETWORK,
NINGBO, ZHEJIANG, CN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:00:57:00 Win2K-f 203.73.27.27 (TSRC.COM.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
01:04:00 Win2K-f 196.7.233.67 (TELKOM-IPNET.CO.ZA):
AFRINIC,
ZA. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
4 lines 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 216ec67841
[Firefox:236 hits: 11-20 to 01-29] 		none[3] none:none
 StarForce| none trace
01:08:00 Win2K-f 203.70.244.244 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
4 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:01:13:00 Win2K-f 83.221.67.86 (PRIMACOM.NET):
PRIMACOM-HEADENDS,
LEIPZIG, SACHSEN, DE. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] 		none[3] none:none
 Armadillo| none trace
01:22:00 Win2K-f 118.232.62.134 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
4 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
01:23:00 Win2K-f 69.239.132.21 (PACBELL.NET):
STEVE DOBBE,
PLANO, TEXAS, US. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
4 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:01:32:00 Win2K-f 203.73.164.10 (SEED.NET.TW):
DIGITAL UNITED INC,
TAINAN, KAO-HSIUNG, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:01:35:00 Win2K-f 59.125.118.230 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:01:35:00 Win2K-f 124.11.65.3 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
01:37:00 Win2K-f 84.126.148.163 (ONO.COM):
PROVIDER LOCAL REGISTRY,
ES. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
01:40:00 Win2K-f 61.223.102.100 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
01:44:00 Win2K-f 122.126.144.180 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:02:01:00 Win2K-f 79.98.212.123 (G-M-I.NET):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 507252387e
[Firefox:57 hits: 11-27 to 01-20] 		none[3] none:none
 UPX| none trace
T:02:04:00 Win2K-f 216.176.182.202 (WOWRACK.COM):
WOW TECHNOLOGIES,
CHARLESTON, ILLINOIS, US. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:02:17:00 Win2K-f 71.127.84.90 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
US. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 223d8089f8
[Firefox:793 hits: 11-21 to 01-28] 		none[3] none:none
 StarForce| none trace
02:20:00 Win2K-f 122.125.233.11 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
02:32:00 Win2K-f 119.77.220.3 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 37 4f88618d4f
[Firefox:113 hits: 11-29 to 01-29] 		none[3] none:none
 UPX| none trace
T:02:37:00 Win2K-f 200.71.107.113 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
02:44:00 Win2K-f 121.247.131.141 (VSNL.NET.IN):
VIDESH SANCHAR NIGAM LTD - INDIA,
CALCUTTA, WEST BENGAL, IN. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 223d8089f8
[Firefox:793 hits: 11-21 to 01-28] 		none[3] none:none
 StarForce| none trace
02:49:00 Win2K-f 200.71.107.113 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
T:03:03:00 Win2K-f 114.42.212.66 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
03:10:00 Win2K-f 78.38.45.12 (-):
INFORMATION TECHNOLOGY COMPANY (ITC),
IR. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:03:14:00 Win2K-f 87.97.207.54 (GGBIT.NET):
EKK CATV PLOVDIV,
PLOVDIV, PLOVDIV, BG. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] 		none[3] none:none
 Armadillo| none trace
03:16:00 Win2K-f 118.160.192.158 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
03:34:00 Win2K-f 221.125.115.179 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HK. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:03:38:00 Win2K-f 118.232.62.134 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
03:39:00 Win2K-f 125.112.47.164 (163DATA.COM.CN):
CHINANET-ZJ JINHUA NODE NETWORK,
CN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:03:44:00 Win2K-f 116.75.163.248 (JWS.COM):
HATHWAY IP OVER CABLE INTERNET ACCESS SERVICE,
IN. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
03:52:00 Win2K-f 200.87.193.18 (ORION.PNUD.BO):
ENTEL S.A. - ENTELNET,
COCHABAMBA, COCHABAMBA, BO. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:03:58:00 Win2K-f 61.19.252.48 (THAITSUNAMI.COM):
CAT TELECOM DATA COMM. DEPT INTRENET OFFICE,
TH. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] 		none[3] none:none
 Armadillo| none trace
04:03:00 Win2K-f 219.109.106.24 (CATVNET.NE.JP):
CATV NETWORK SERVICES(STNET INCORPORATED),
OSAKA, OSAKA, JP. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
04:15:00 Win2K-f 200.230.80.34 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
04:15:00 Win2K-f 61.19.252.48 (THAITSUNAMI.COM):
CAT TELECOM DATA COMM. DEPT INTRENET OFFICE,
TH. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
04:17:00 Win2K-f 122.136.80.253 (MINTEL.COM):
CNCGROUP JILIN PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:04:19:00 Win2K-f 61.223.102.100 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:04:21:00 Win2K-f 119.77.220.3 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 37 4f88618d4f
[Firefox:113 hits: 11-29 to 01-29] 		none[3] none:none
 UPX| none trace
T:04:49:00 Win2K-f 200.230.80.34 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
04:53:00 Win2K-f 92.48.68.9 (IKBCC.COM):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
05:03:00 Win2K-f 211.72.106.76 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
05:09:00 Win2K-f 122.121.176.189 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
05:14:00 Win2K-f 91.102.160.197 (ATOLYEWEB.NET):
DATAFON ILETISIM A.S,
TR. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:05:25:00 Win2K-f 59.125.69.240 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
05:26:00 Win2K-f 189.123.165.182 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 37 17cf6a5252
[Firefox:12 hits: 12-03 to 01-14] 		none[3] none:none
 UPX| none trace
T:05:31:00 Win2K-f 61.224.207.96 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
05:39:00 Win2K-f 118.232.62.135 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:05:42:00 Win2K-f 124.10.229.22 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:05:50:00 Win2K-f 122.125.135.146 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
06:02:00 Win2K-f 203.73.101.29 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:06:13:00 Win2K-f 87.97.246.132 (GGBIT.NET):
EKK CATV PLOVDIV,
PLOVDIV, PLOVDIV, BG. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] 		none[3] none:none
 Armadillo| none trace
06:17:00 Win2K-f 118.232.13.184 (-):
. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
T:06:20:00 Win2K-f 92.48.68.9 (IKBCC.COM):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:06:20:00 Win2K-f 122.4.200.198 (163DATA.COM.CN):
CHINANET SHANDONG PROVINCE NETWORK,
JINAN, SHANDONG, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:06:21:00 Win2K-f 122.121.176.189 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
06:27:00 Win2K-f 81.57.169.245 (PROXAD.NET):
PROXAD / FREE SAS,
PARIS, ILE-DE-FRANCE, FR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:06:27:00 Win2K-f 203.118.234.182 (-):
GRAND TAINAN TECHNOLOGY CO.LTD,
TAINAN, KAO-HSIUNG, TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] 		none[3] none:none
 UPX| none trace
T:06:36:00 Win2K-f 123.181.151.8 (163DATA.COM.CN):
CHINANET HEBEI PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:06:38:00 Win2K-f 123.195.63.24 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
06:41:00 Win2K-f 122.4.200.198 (163DATA.COM.CN):
CHINANET SHANDONG PROVINCE NETWORK,
JINAN, SHANDONG, CN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:06:50:00 Win2K-f 89.41.3.57 (BOTOSANI.RO):
SC DIGINET SA,
RO. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
07:02:00 Win2K-f 194.8.75.206 (LIX.LV):
LAST RESORT LOCAL REGISTRY,
UK. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
T:07:06:00 Win2K-f 59.125.198.180 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
07:12:00 Win2K-f 190.220.60.85 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] 		none[3] none:none
 UPX| none trace
T:07:18:00 Win2K-f 122.117.159.87 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
07:23:00 Win2K-f 212.37.172.59 (-):
INTRACOM,
UK. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] 		none[3] none:none
 Armadillo| none trace
07:23:00 Win2K-f 218.173.247.100 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:07:35:00 Win2K-f 200.106.189.186 (SUPERCABLETV.NET.CO):
SUPERCABLE TELECOMUNICACIONES,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:07:50:00 Win2K-f 190.209.43.180 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:08:00:00 Win2K-f 122.125.129.195 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
T:08:02:00 Win2K-f 94.21.93.46 (-):
. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
08:13:00 Win2K-f 201.236.197.187 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:08:21:00 Win2K-f 124.113.183.64 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:08:24:00 Win2K-f 201.236.197.187 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
08:30:00 Win2K-f 190.97.130.216 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:08:32:00 Win2K-f 202.78.230.60 (QTSC.COM.VN):
QUANG TRUNG SOFTWARE CITY (QTSC),
HO CHI MINH CITY, HO CHI MINH, VN. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
08:39:00 Win2K-f 219.86.208.8 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:08:45:00 Win2K-f 218.108.43.164 (-):
YIGAOSHUMA,
CN. (100Mbps) 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 bd35d4d98f
[Firefox:68 hits: 11-27 to 01-29] 		none[3] none:none
 Armadillo| none trace
08:46:00 Win2K-f 212.68.42.186 (-):
NETWING,
AT. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 216ec67841
[Firefox:236 hits: 11-20 to 01-29] 		none[3] none:none
 StarForce| none trace
T:08:57:00 Win2K-f 212.68.42.186 (-):
NETWING,
AT. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 216ec67841
[Firefox:236 hits: 11-20 to 01-29] 		none[3] none:none
 StarForce| none trace
09:00:00 Win2K-f 202.78.230.60 (QTSC.COM.VN):
QUANG TRUNG SOFTWARE CITY (QTSC),
HO CHI MINH CITY, HO CHI MINH, VN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
09:06:00 Win2K-f 221.125.120.64 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HK. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:09:14:00 Win2K-f 190.54.68.99 (CHILESAT.NET):
TELMEX SERVICIOS EMPRESARIALES S.A,
CL. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
T:09:25:00 Win2K-f 80.219.191.39 (HISPEED.CH):
CABLECOMMAIN-NET,
ZURICH, ZURICH, CH. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] 		none[3] none:none
 StarForce| none trace
T:09:41:00 Win2K-f 212.68.42.202 (-):
NETWING,
AT. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 216ec67841
[Firefox:236 hits: 11-20 to 01-29] 		none[3] none:none
 StarForce| none trace
09:44:00 Win2K-f 212.68.42.202 (-):
NETWING,
AT. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 216ec67841
[Firefox:236 hits: 11-20 to 01-29] 		none[3] none:none
 StarForce| none trace
09:50:00 Win2K-f 122.125.129.195 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
T:09:53:00 Win2K-f 190.48.250.30 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] 		none[3] none:none
 StarForce| none trace
10:00:00 Win2K-f 190.50.114.238 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:10:00:00 Win2K-f 190.50.114.238 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		14 of 39 85af8690d4
[Firefox: 2 hits: 12-25 to 01-05] 		none[3] none:none
 UPX| none trace
T:10:10:00 Win2K-f 201.254.55.165 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
10:10:00 Win2K-f 80.219.191.39 (HISPEED.CH):
CABLECOMMAIN-NET,
ZURICH, ZURICH, CH. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] 		none[3] none:none
 StarForce| none trace
10:16:00 Win2K-f 94.76.208.44 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:10:26:00 Win2K-f 200.75.227.50 (CABLEONDA.NET):
CABLE ONDA,
PANAMA CITY, PANAMA, PA. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:10:30:00 Win2K-f 190.140.186.139 (CABLEONDA.NET):
CABLE ONDA,
PA. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		12 of 39 e2cffe8223
NEW 		none[none] none:none
 none|none none none
10:47:00 Win2K-f 94.249.80.69 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:10:58:00 Win2K-f 189.6.98.140 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
11:03:00 Win2K-f 190.54.68.99 (CHILESAT.NET):
TELMEX SERVICIOS EMPRESARIALES S.A,
CL. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
11:14:00 Win2K-f 221.225.39.32 (163DATA.COM.CN):
CHINANET JIANGSU PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:11:30:00 Win2K-f 221.225.39.32 (163DATA.COM.CN):
CHINANET JIANGSU PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
11:31:00 Win2K-f 121.120.38.127 (MAXIS.NET.MY):
MAXIS COMMUNICATIONS BHD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 71afca1665
[Firefox:101 hits: 11-23 to 01-20] 		none[3] none:none
 StarForce| none trace
T:11:43:00 Win2K-f 83.52.191.186 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
ESPARREGUERA, CATALUñA, ES. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 223d8089f8
[Firefox:793 hits: 11-21 to 01-28] 		none[3] none:none
 StarForce| none trace
T:11:47:00 Win2K-f 210.55.78.120 (QUICKER.NET.NZ):
WORLD-NET LIMITED,
AUCKLAND, AUCKLAND, NZ. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
11:48:00 Win2K-f 201.172.144.85 (MULTIMEDIOS.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MX. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] 		none[3] none:none
 StarForce| none trace
11:50:00 WinXP 88.30.4.94 (RIMA-TDE.NET):
TELEFONICA MOVILES ESPANA (NCC#2007041930),
ES. 		76.76.19.32:3921 :new.ifconfig.us 139 pcap raw alerts
ruleset 		ftp
irc
26 lines 		Yeah : 1.3
profile 		none summary
tarball 		29 of 39 4a2a62c8e7
NEW 		none[none] none:none
 none|none none none
11:58:00 Win2K-f 190.208.76.128 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:12:01:00 Win2K-f 24.89.90.121 (ACCESSCOMM.CA):
ACCESS COMMUNICATIONS CO-OPERATIVE LIMITED,
REGINA, SASKATCHEWAN, CA. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
12:10:00 Win2K-f 83.52.191.186 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
ESPARREGUERA, CATALUñA, ES. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 223d8089f8
[Firefox:793 hits: 11-21 to 01-28] 		none[3] none:none
 StarForce| none trace
12:23:00 Win2K-f 210.55.78.120 (QUICKER.NET.NZ):
WORLD-NET LIMITED,
AUCKLAND, AUCKLAND, NZ. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:12:38:00 Win2K-f 189.38.212.30 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] 		none[3] none:none
 UPX| none trace
12:39:00 Win2K-f 200.35.236.70 (SUPERCABLE.NET.VE):
SUPERCABLE,
CARACAS, DISTRITO FEDERAL, VE. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
12:42:00 Win2K-f 119.103.1.203 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] 		none[3] none:none
 UPX| none trace
12:55:00 Win2K-f 220.128.114.66 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:13:03:00 Win2K-f 200.35.236.70 (SUPERCABLE.NET.VE):
SUPERCABLE,
CARACAS, DISTRITO FEDERAL, VE. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
13:06:00 Win2K-f 200.62.195.89 (TELMEX.COM.PE):
MENDOZA HUAMANI JESUS GUILLERMO,
LIMA, LIMA, PE. (100Mbps) 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:13:19:00 Win2K-f 124.11.192.203 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
13:31:00 Win2K-f 118.232.62.145 (-):
. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
13:34:00 Win2K-f 65.39.209.84 (PEER1.NET):
PEER 1 NETWORK INC,
NEW YORK, NEW YORK, US. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 37 4f88618d4f
[Firefox:113 hits: 11-29 to 01-29] 		none[3] none:none
 UPX| none trace
T:13:44:00 Win2K-f 201.82.236.129 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 3862324588
[Firefox:157 hits: 11-29 to 01-21] 		none[3] none:none
 UPX| none trace
13:54:00 Win2K-f 222.86.85.43 (AGENT1.GZ.CN):
CHINANET GUIZHOU PROVINCE NETWORK,
GUIZHOU, GUIZHOU, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:14:00:00 Win2K-f 119.103.1.203 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] 		none[3] none:none
 UPX| none trace
14:05:00 Win2K-f 66.37.77.157 (SWVA.NET):
CITIZENS TELEPHONE COOPERATIVE,
FLOYD, VIRGINIA, US. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
14:16:00 Win2K-f 208.13.158.55 (VA.US):
MONGOMERY COUNTY SCHOOLS,
BLACKSBURG, VIRGINIA, US. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:14:28:00 Win2K-f 78.178.84.36 (SMYTHECRAMER.COM):
TELEKOM,
TR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:14:29:00 Win2K-f 200.35.207.241 (SUPERCABLE.NET.VE):
SUPERCABLE,
CARACAS, DISTRITO FEDERAL, VE. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 3862324588
[Firefox:157 hits: 11-29 to 01-21] 		none[3] none:none
 UPX| none trace
T:14:36:00 Win2K-f 118.166.249.251 (-):
. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
14:40:00 Win2K-f 202.56.229.52 (-):
AMTEXINFOTECH1917-DEL,
CHENNAI, TAMIL NADU, IN. (100Mbps) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 fcb4920986
[Firefox:76 hits: 11-21 to 01-29] 		none[3] none:none
 UPX| none trace
14:43:00 Win2K-f 59.124.165.106 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:14:45:00 Win2K-f 220.128.114.66 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
14:49:00 Win2K-f 77.247.238.162 (-):
VSD-NET,
RU. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
3 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace