Multiperspective Malware Analysis Page

Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

03 February 2009
<prev> <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]

Time
Victim
OS
Infection
Source
C&C
Server
DNS Lookups &
Failed Connects Infection
Port
Packet
Trace
Detection
Signatures
Infection
Chatter
BotHunter
Analysis
Behavioral
Cluster
Forensic
Logs
Antivirus
Labels
Packed Malware_Binary Unpacked egg.exe
Unpacked egg.asm
Packer PEID
Data Strings
Syscall Trace

T:00:07:00 Win2K-f 122.122.216.2 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:09:00 Win2K-f 118.140.114.141 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:22:00 Win2K-f 83.97.190.37 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:22:00 Win2K-f 211.74.91.68 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:27:00 Win2K-f 122.122.216.2 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:37:00 Win2K-f 219.86.165.219 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

00:52:00 Win2K-f 118.231.64.3 (-):
. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

00:58:00 Win2K-f 61.19.251.249 (THAITSUNAMI.COM):
CAT TELECOM DATA COMM. DEPT INTRENET OFFICE,
TH. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:01:04:00 Win2K-f 201.252.246.10 (NET.AR):
COMUNICAR SRL,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:01:16:00 Win2K-f 189.58.143.139 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:19:00 Win2K-f 59.42.85.1 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:793 hits: 11-21 to 01-28] none[3] none:none
StarForce| none trace

T:01:20:00 Win2K-f 219.127.218.24 (-):
DOOGA CO. LTD,
JP. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:27:00 Win2K-f 118.140.114.141 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:30:00 Win2K-f 65.111.176.67 (SERVERPRONTO.COM):
INFOLINK INFORMATION SERVICES INC,
US. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:34:00 Win2K-f 201.173.33.123 (IFXNW.COM.MX):
NETWORK INFORMATION CENTER MEXICO,
MX. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:01:45:00 Win2K-f 59.105.21.168 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:51:00 Win2K-f 122.88.0.23 (JWS.COM):
CHINA TIETONG TELECOMMUNICATIONS CORPORATION,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:53:00 Win2K-f 83.97.190.37 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:01:00 Win2K-f 91.64.175.21 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] none[3] none:none
Armadillo| none trace

T:02:10:00 Win2K-f 125.122.131.226 (HZ.ZJ.CN):
CHINANET ZHEJIANG PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a 445 pcap raw alerts
ruleset http
2 lines Argh : 0.3
profile none summary
tarball none none none none none none none

T:02:11:00 Win2K-f 195.67.19.127 (ENVIROCOM.SE):
FINORIA KOMMUNIKATION AB,
SE. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:18:00 Win2K-f 83.58.123.12 (RIMA-TDE.NET):
TELEFONICA DE ESPANA(NCC#2005070725),
BARCELONA, CATALUñA, ES. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:24:00 Win2K-f 122.88.0.23 (JWS.COM):
CHINA TIETONG TELECOMMUNICATIONS CORPORATION,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:32:00 Win2K-f 91.64.175.21 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] none[3] none:none
Armadillo| none trace

T:02:33:00 Win2K-f 59.124.166.245 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:35:00 Win2K-f 201.173.33.123 (IFXNW.COM.MX):
NETWORK INFORMATION CENTER MEXICO,
MX. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:02:41:00 Win2K-f 66.83.42.228 (NUVOX.NET):
NUVOX COMMUNICATIONS INC,
GREENVILLE, SOUTH CAROLINA, US. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:44:00 Win2K-f 122.127.176.74 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:44:00 Win2K-f 151.97.232.4 (RILPRES.UNICT.IT):
UNIVERSITA' DI CATANIA,
CATANIA, SICILIA, IT. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:48:00 Win2K-f 125.122.131.226 (HZ.ZJ.CN):
CHINANET ZHEJIANG PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

02:57:00 Win2K-f 83.58.123.12 (RIMA-TDE.NET):
TELEFONICA DE ESPANA(NCC#2005070725),
BARCELONA, CATALUñA, ES. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:04:00 Win2K-f 59.104.22.191 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:12:00 Win2K-f 220.136.172.164 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:03:14:00 Win2K-f 114.217.135.183 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:19:00 Win2K-f 189.114.108.101 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:24:00 Win2K-f 201.252.246.10 (NET.AR):
COMUNICAR SRL,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

03:52:00 Win2K-f 203.109.50.3 (-):
VDSL NETWORK SDN BHD INTERNET SERVICE PROVIDER,
MY. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:53:00 Win2K-f 59.105.78.67 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:59:00 Win2K-f 66.83.42.228 (NUVOX.NET):
NUVOX COMMUNICATIONS INC,
GREENVILLE, SOUTH CAROLINA, US. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:10:00 Win2K-f 65.111.176.67 (SERVERPRONTO.COM):
INFOLINK INFORMATION SERVICES INC,
US. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:16:00 Win2K-f 85.139.230.46 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
PT. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:17:00 Win2K-f 121.13.214.10 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:04:39:00 Win2K-f 212.95.46.168 (-):
DEUTSCHES INTERNET-ZENTRUM AG,
DE. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

04:42:00 Win2K-f 189.31.140.150 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:47:00 Win2K-f 212.95.46.168 (-):
DEUTSCHES INTERNET-ZENTRUM AG,
DE. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:04:55:00 Win2K-f 85.139.230.46 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
PT. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:01:00 Win2K-f 82.107.173.1 (BUSINESS.TELECOMITALIA.IT):
TELECOM ITALIA WIRELINE SERVICES,
IT. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:05:02:00 Win2K-f 87.246.28.60 (-):
TRIPLE PLAY CLIENT OF CABLETEL PLC IN SHUMEN,
BG. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 9 of 38 e1a2e3980d
[Firefox:29 hits: 12-05 to 01-26] none[3] none:none
UPX| none trace

T:05:05:00 Win2K-f 66.60.219.149 (NEWULMTEL.NET):
NEW ULM TELECOM INC,
NEW ULM, MINNESOTA, US. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:11:00 Win2K-f 122.118.49.163 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:15:00 Win2K-f 189.23.122.6 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:30:00 Win2K-f 94.51.114.184 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 3862324588
[Firefox:157 hits: 11-29 to 01-21] none[3] none:none
UPX| none trace

T:05:31:00 Win2K-f 189.42.209.8 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

T:05:31:00 Win2K-f 210.0.180.40 (ON-NETS.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:793 hits: 11-21 to 01-28] none[3] none:none
StarForce| none trace

05:31:00 Win2K-f 122.118.212.66 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:33:00 Win2K-f 122.127.176.74 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:43:00 Win2K-f 123.110.84.134 (LSC.NET.TW):
TBCOM-NET,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:45:00 Win2K-f 87.17.180.69 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
PESARO, MARCHE, IT. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 3862324588
[Firefox:157 hits: 11-29 to 01-21] none[3] none:none
UPX| none trace

05:52:00 Win2K-f 189.114.108.101 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:01:00 Win2K-f 210.0.180.40 (ON-NETS.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:793 hits: 11-21 to 01-28] none[3] none:none
StarForce| none trace

T:06:09:00 Win2K-f 78.39.40.69 (-):
INFORMATION TECHNOLOGY COMPANY (ITC),
IR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:16:00 Win2K-f 189.31.140.150 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:25:00 Win2K-f 210.64.163.213 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:29:00 Win2K-f 59.120.94.67 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:40:00 Win2K-f 59.120.94.67 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:43:00 Win2K-f 123.110.84.134 (LSC.NET.TW):
TBCOM-NET,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:54:00 Win2K-f 58.27.224.172 (-):
NATIONAL WIMAX/IMS ENVIRONMENT,
PK. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:54:00 Win2K-f 189.23.122.6 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:07:00 Win2K-f 151.23.80.91 (-):
MANAGEMENT SCHEDE E1/PRI,
IT. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:07:08:00 Win2K-f 201.21.138.48 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:10:00 Win2K-f 85.41.243.180 (BUSINESS.TELECOMITALIA.IT):
NERSRL,
IT. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

07:10:00 Win2K-f 189.72.170.234 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:10:00 Win2K-f 119.92.212.221 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 71afca1665
[Firefox:101 hits: 11-23 to 01-20] none[3] none:none
StarForce| none trace

T:07:11:00 Win2K-f 58.23.93.118 (-):
QUANZHOU CITY FUJIAN PROVINCIAL NETWORK OF CNCGROUP,
QUANZHOU, FUJIAN, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:20:00 Win2K-f 59.112.53.100 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:28:00 Win2K-f 85.41.243.180 (BUSINESS.TELECOMITALIA.IT):
NERSRL,
IT. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

T:07:34:00 Win2K-f 200.45.199.232 (NET.AR):
SCANIA SA,
BUENOS AIRES, BUENOS AIRES, AR. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

07:36:00 Win2K-f 58.23.93.118 (-):
QUANZHOU CITY FUJIAN PROVINCIAL NETWORK OF CNCGROUP,
QUANZHOU, FUJIAN, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:37:00 Win2K-f 124.8.118.250 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:41:00 Win2K-f 190.48.109.231 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

07:46:00 Win2K-f 201.21.138.48 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:50:00 Win2K-f 91.64.4.250 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

07:54:00 Win2K-f 87.97.200.180 (GGBIT.NET):
EKK CATV PLOVDIV,
PLOVDIV, PLOVDIV, BG. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

08:04:00 Win2K-f 200.80.189.17 (NET.AR):
TECHTEL LMDS COMUNICACIONES INTERACTIVAS S.A,
MAR DEL PLATA, BUENOS AIRES, AR. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:08:04:00 Win2K-f 82.56.80.216 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
MILANO, LOMBARDIA, IT. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:05:00 Win2K-f 59.113.55.31 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. (DIAL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 3862324588
[Firefox:157 hits: 11-29 to 01-21] none[3] none:none
UPX| none trace

08:09:00 Win2K-f 66.90.104.110 (MM-NEWS.NET):
FDC SERVERS.NET LLC,
RALEIGH, NORTH CAROLINA, US. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:21:00 Win2K-f 59.113.55.31 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. (DIAL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 7 of 37 3862324588
[Firefox:157 hits: 11-29 to 01-21] none[3] none:none
UPX| none trace

T:08:21:00 Win2K-f 84.42.31.78 (TVER.RU):
MSS TVER REGION,
RU. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

08:22:00 Win2K-f 77.20.122.24 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:25:00 Win2K-f 82.56.80.216 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
MILANO, LOMBARDIA, IT. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:46:00 Win2K-f 62.97.80.119 (IP-ZONE.COM):
OPCIONA-ES-NET,
SANTA CRUZ DE TENERIFE, CANARY ISLANDS, ES. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:54:00 Win2K-f 81.9.174.239 (CM-81-9-168-10.TELECABLE.ES):
TELECABLE,
OVIEDO, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:58:00 Win2K-f 190.204.165.229 (CANTV.NET):
CANTV SERVICIOS VENEZUELA,
VE. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:18:00 Win2K-f 219.86.120.84 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 216ec67841
[Firefox:236 hits: 11-20 to 01-29] none[3] none:none
StarForce| none trace

T:09:19:00 Win2K-f 61.217.31.175 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:22:00 Win2K-f 95.69.196.185 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:09:23:00 Win2K-f 83.97.238.167 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 216ec67841
[Firefox:236 hits: 11-20 to 01-29] none[3] none:none
StarForce| none trace

09:32:00 Win2K-f 222.124.32.174 (TELKOM.NET.ID):
PT. TELEKOMUNIKASI INDONESIA,
JAKARTA, JAKARTA RAYA (DJAKARTA RAYA), ID. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:39:00 Win2K-f 222.124.32.174 (TELKOM.NET.ID):
PT. TELEKOMUNIKASI INDONESIA,
JAKARTA, JAKARTA RAYA (DJAKARTA RAYA), ID. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:44:00 Win2K-f 200.21.77.101 (TELECOM.COM.CO):
COLOMBIA TELECOMUNICACIONES S.A. ESP,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:16:00 Win2K-f 24.82.6.237 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
ABBOTSFORD, BRITISH COLUMBIA, CA. n/a US:microsoft.com 135 pcap raw alerts
ruleset other
95 lines Yeah : 1.3
profile none summary
tarball 33 of 33
34 of 39 53bfe15e91
[Firefox:4125 hits: 06-17 to 01-27]
f4516c599a
NEW 1473091351 [0]
none [none] ASM:Graph
none:none
tElock|
none|none lines=75
embedded dns
none trace
none

T:10:24:00 Win2K-f 114.44.137.82 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:33:00 Win2K-f 81.9.174.239 (CM-81-9-168-10.TELECABLE.ES):
TELECABLE,
OVIEDO, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:39:00 Win2K-f 59.125.243.121 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:41:00 Win2K-f 195.34.117.237 (DELTACATV.COM):
DELTANET,
BURGAS, BURGAS, BG. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:42:00 Win2K-f 71.107.255.172 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
LOS ANGELES, CALIFORNIA, US. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:44:00 Win2K-f 212.163.128.49 (LOCALHOST):
BT TELECOMUNICACIONES,
MADRID, MADRID, ES. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:45:00 Win2K-f 83.97.238.167 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 216ec67841
[Firefox:236 hits: 11-20 to 01-29] none[3] none:none
StarForce| none trace

T:11:00:00 Win2K-f 59.125.243.121 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:06:00 Win2K-f 200.21.77.101 (TELECOM.COM.CO):
COLOMBIA TELECOMUNICACIONES S.A. ESP,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:09:00 Win2K-f 87.246.28.60 (-):
TRIPLE PLAY CLIENT OF CABLETEL PLC IN SHUMEN,
BG. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 9 of 38 e1a2e3980d
[Firefox:29 hits: 12-05 to 01-26] none[3] none:none
UPX| none trace

11:12:00 Win2K-f 91.189.105.31 (-):
TRIDENT MEDIGUARD,
FR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:14:00 Win2K-f 12.51.122.23 (ATT.NET):
AT&T WORLDNET SERVICES,
US. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:15:00 Win2K-f 221.127.44.122 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:23:00 Win2K-f 213.99.185.149 (-):
TELEFONICA MOVILES ESPANA (NCC#2006042768),
ES. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:33:00 Win2K-f 190.254.92.74 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:11:36:00 Win2K-f 190.51.109.13 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:37:00 Win2K-f 190.254.92.74 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

11:44:00 Win2K-f 59.103.63.195 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:58:00 Win2K-f 81.173.168.125 (NETCOLOGNE.DE):
DYNAMIC XDSL IP POOL,
KOELN, NORDRHEIN-WESTFALEN, DE. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:58:00 Win2K-f 202.122.17.179 (E-KARNET.NET):
SERVICE PROVIDER,
BANGALORE, KARNATAKA, IN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:10:00 Win2K-f 212.117.162.208 (-):
EYENET,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:15:00 Win2K-f 125.21.50.180 (59.AIRTELBROADBAND.IN):
BHARTI TELEVENTURES LIMITED A/C ABTS MP,
BHOPAL, MADHYA PRADESH, IN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:12:15:00 Win2K-f 190.141.66.117 (-):
. n/a US:www.maxmind.com
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:12:26:00 Win2K-f 91.98.159.211 (-):
PARS,
IR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 139 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:28:00 Win2K-f 12.51.122.23 (ATT.NET):
AT&T WORLDNET SERVICES,
US. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:31:00 Win2K-f 124.8.55.112 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:33:00 Win2K-f 93.110.2.202 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:41:00 Win2K-f 93.110.2.202 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:46:00 Win2K-f 190.11.146.42 (COM.AR):
POWER VT S.A,
MAR DEL PLATA, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:57:00 Win2K-f 59.104.76.221 (SEED.NET.TW):
DIGITAL UNITED I,
KAOHSIUNG, KAO-HSIUNG, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset lanman
http
27 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:58:00 Win2K-f 114.47.72.109 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

12:59:00 Win2K-f 116.75.163.248 (JWS.COM):
HATHWAY IP OVER CABLE INTERNET ACCESS SERVICE,
IN. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 139 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:03:00 Win2K-f 190.11.146.42 (COM.AR):
POWER VT S.A,
MAR DEL PLATA, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:12:00 Win2K-f 116.75.163.248 (JWS.COM):
HATHWAY IP OVER CABLE INTERNET ACCESS SERVICE,
IN. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:24:00 Win2K-f 219.95.33.198 (TM.NET.MY):
ADSL-STREAMYX-TMNET,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 10 of 38 0fadd81286
[Firefox: 6 hits: 12-07 to 01-13] none[3] none:none
StarForce| none trace

T:13:28:00 Win2K-f 219.86.224.91 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:32:00 Win2K-f 201.173.68.39 (IFXNW.COM.MX):
NETWORK INFORMATION CENTER MEXICO,
MX. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

13:41:00 Win2K-f 201.172.102.103 (MULTIMEDIOS.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MX. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:13:45:00 Win2K-f 212.163.128.49 (LOCALHOST):
BT TELECOMUNICACIONES,
MADRID, MADRID, ES. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:45:00 Win2K-f 200.71.106.203 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:48:00 Win2K-f 202.122.17.179 (E-KARNET.NET):
SERVICE PROVIDER,
BANGALORE, KARNATAKA, IN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:51:00 Win2K-f 190.209.43.180 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:58:00 Win2K-f 59.104.76.221 (SEED.NET.TW):
DIGITAL UNITED I,
KAOHSIUNG, KAO-HSIUNG, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:59:00 Win2K-f 201.24.4.106 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:06:00 Win2K-f 208.53.170.254 (RAAGALAHARI.COM):
FDC SERVERS.NET LLC,
JONESBORO, ARKANSAS, US. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

T:14:11:00 Win2K-f 219.95.33.198 (TM.NET.MY):
ADSL-STREAMYX-TMNET,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 10 of 38 0fadd81286
[Firefox: 6 hits: 12-07 to 01-13] none[3] none:none
StarForce| none trace

T:14:20:00 Win2K-f 208.53.170.254 (RAAGALAHARI.COM):
FDC SERVERS.NET LLC,
JONESBORO, ARKANSAS, US. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

14:23:00 Win2K-f 95.104.69.218 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

14:27:00 Win2K-f 194.8.75.50 (LIX.LV):
LAST RESORT LOCAL REGISTRY,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:14:28:00 Win2K-f 116.50.212.62 (EASTERN-TELE.COM):
EASTERN TELECOMS PHILIPPINES INC,
MAKATI, MANILA, PH. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:32:00 Win2K-f 189.22.250.2 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:33:00 Win2K-f 125.21.50.180 (59.AIRTELBROADBAND.IN):
BHARTI TELEVENTURES LIMITED A/C ABTS MP,
BHOPAL, MADHYA PRADESH, IN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

14:40:00 Win2K-f 200.62.195.74 (TELMEX.COM.PE):
MENDOZA HUAMANI JESUS GUILLERMO,
LIMA, LIMA, PE. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:57:00 Win2K-f 118.98.178.98 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:01:00 Win2K-f 118.232.1.69 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:02:00 Win2K-f 202.60.81.80 (NETLOGISTICS.COM.AU):
NET LOGISTICS,
AU. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:14:00 Win2K-f 190.141.25.27 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:16:00 Win2K-f 200.43.207.90 (NET.AR):
MIDAS-TELECOM,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:20:00 Win2K-f 190.141.25.27 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:26:00 Win2K-f 82.29.146.234 (NTL.COM):
NTL INFRASTRUCTURE - LUTON,
NORTHAMPTON, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

T:15:45:00 Win2K-f 190.5.194.149 (UNICAUCA.EDU.CO):
EMTEL S.A. E.S.P,
POPAYAN, CAUCA, CO. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 4f88618d4f
[Firefox:113 hits: 11-29 to 01-29] none[3] none:none
UPX| none trace

15:48:00 Win2K-f 94.76.213.222 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:54:00 Win2K-f 61.19.251.25 (THAITSUNAMI.COM):
CAT TELECOM DATA COMM. DEPT INTRENET OFFICE,
TH. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:15:57:00 Win2K-f 201.24.4.106 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:00:00 Win2K-f 201.218.109.83 (CABLEONDA.NET):
CABLE ONDA,
PANAMA CITY, PANAMA, PA. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:02:00 Win2K-f 190.5.194.149 (UNICAUCA.EDU.CO):
EMTEL S.A. E.S.P,
POPAYAN, CAUCA, CO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 4f88618d4f
[Firefox:113 hits: 11-29 to 01-29] none[3] none:none
UPX| none trace

T:16:08:00 Win2K-f 59.120.127.83 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. (DIAL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:10:00 Win2K-f 201.173.68.39 (IFXNW.COM.MX):
NETWORK INFORMATION CENTER MEXICO,
MX. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:16:25:00 Win2K-f 190.209.43.180 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:26:00 Win2K-f 190.136.190.81 (NET.AR):
TELECOM ARGENTINA S.A,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:32:00 Win2K-f 88.172.181.250 (PROXAD.NET):
PROXAD / FREE SAS,
FR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

16:35:00 Win2K-f 201.172.102.103 (MULTIMEDIOS.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MX. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:16:37:00 Win2K-f 190.136.190.81 (NET.AR):
TELECOM ARGENTINA S.A,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:38:00 Win2K-f 201.172.102.103 (MULTIMEDIOS.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MX. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

16:38:00 WinXP 60.234.109.146 (ORCON.NET.NZ):
ORCON INTERNET LTD SUPPORT,
AUCKLAND, AUCKLAND, NZ. n/a RU:citi-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:1040 hits: 05-01 to 01-28] none[0] none:none
PolyEnE| lines=68 trace

T:16:42:00 Win2K-f 118.160.238.140 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:45:00 Win2K-f 88.172.181.250 (PROXAD.NET):
PROXAD / FREE SAS,
FR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

16:46:00 Win2K-f 212.72.182.109 (EKB-KIESERLING.DE):
ARTFILES NEW MEDIA GMBH,
HAMBURG, HAMBURG, DE. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:48:00 Win2K-f 85.93.113.29 (-):
MAXPROGRES,
BRNO, JIHOMORAVSKY KRAJ, CZ. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:16:52:00 Win2K-f 90.151.208.45 (PERMONLINE.RU):
OJSC URALSVYAZINFORM,
RU. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:54:00 Win2K-f 212.72.182.109 (EKB-KIESERLING.DE):
ARTFILES NEW MEDIA GMBH,
HAMBURG, HAMBURG, DE. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:00:00 Win2K-f 118.232.1.69 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:12:00 Win2K-f 93.156.180.241 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:14:00 Win2K-f 59.105.228.109 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:15:00 Win2K-f 190.10.73.212 (HOST1-RACSA.CO.CR):
RADIGRAFICA COSTARRICENSE,
CR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:15:00 Win2K-f 203.206.55.186 (IINET.NET.AU):
IINET LIMITED,
AU. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:20:00 Win2K-f 59.105.228.109 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:22:00 Win2K-f 64.85.16.222 (MOTH):
SECURE WEBS INC,
COLVILLE, WASHINGTON, US. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 4f88618d4f
[Firefox:113 hits: 11-29 to 01-29] none[3] none:none
UPX| none trace

17:30:00 Win2K-f 208.71.91.26 (HOSTSERVE.NET):
NETWORX INTERNET & NETWORKING SOLUTIONS INC,
HAMILTON, ONTARIO, CA. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:31:00 Win2K-f 190.141.246.235 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:45:00 Win2K-f 190.141.246.235 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:46:00 Win2K-f 203.66.138.9 (AMTC.COM.TW):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] none[3] none:none
Armadillo| none trace

17:46:00 Win2K-f 216.113.254.73 (-):
DPT BUSINESS SCHOOLS,
WARMINSTER, PENNSYLVANIA, US. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:49:00 Win2K-f 125.224.73.49 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:58:00 Win2K-f 125.65.24.106 (163DATA.COM.CN):
CHINANET SICHUAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] none[3] none:none
Armadillo| none trace

17:59:00 Win2K-f 200.78.229.220 (AVANTEL.NET.MX):
ACCENTURE SC,
MX. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:02:00 Win2K-f 189.123.170.131 (-):
. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:18:04:00 Win2K-f 186.9.4.186 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:18:09:00 Win2K-f 117.65.1.61 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:17:00 Win2K-f 200.85.122.29 (COM.AR):
MAXIMILIANO ACHAVAL,
AR. (DIAL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

18:23:00 Win2K-f 190.225.151.224 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:18:28:00 Win2K-f 116.59.124.143 (-):
MOBILE BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:33:00 Win2K-f 123.204.29.121 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:47:00 Win2K-f 200.62.195.94 (TELMEX.COM.PE):
MENDOZA HUAMANI JESUS GUILLERMO,
LIMA, LIMA, PE. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:51:00 Win2K-f 119.135.237.36 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:18:52:00 Win2K-f 200.51.199.57 (COM.AR):
ADVANCE TELECOMUNICACIONES S.A,
MAR DEL PLATA, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:56:00 Win2K-f 119.135.237.36 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

19:02:00 Win2K-f 190.55.221.172 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:19:18:00 Win2K-f 203.73.87.234 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:20:00 Win2K-f 64.85.16.222 (MOTH):
SECURE WEBS INC,
COLVILLE, WASHINGTON, US. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 4f88618d4f
[Firefox:113 hits: 11-29 to 01-29] none[3] none:none
UPX| none trace

19:25:00 Win2K-f 125.224.73.49 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:28:00 Win2K-f 201.9.111.123 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:28:00 Win2K-f 186.0.8.122 (-):
. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

19:34:00 Win2K-f 116.59.8.144 (-):
MOBILE BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:41:00 Win2K-f 123.181.151.137 (163DATA.COM.CN):
CHINANET HEBEI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:49:00 Win2K-f 186.0.8.122 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

19:49:00 Win2K-f 63.170.68.39 (TELEBARBADOS.COM):
ANTILLES CROSSING INTERNATIONAL,
GOODLAND, KANSAS, US. n/a 135 pcap raw alerts
ruleset other
18 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:19:55:00 Win2K-f 190.157.94.5 (CABLE.NET.CO):
TV CABLE S.A,
CO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:20:09:00 Win2K-f 91.98.159.157 (-):
PARS,
IR. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:11:00 Win2K-f 219.80.213.177 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:14:00 Win2K-f 219.64.197.94 (VSNL.NET.IN):
VIDESH SANCHAR NIGAM LTD - INDIA,
IN. (DIAL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

20:43:00 Win2K-f 79.121.192.97 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a 445 pcap raw alerts
ruleset http
1 line Argh : 0.3
profile none summary
tarball none none none none none none none

T:20:54:00 Win2K-f 122.116.132.31 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:58:00 Win2K-f 211.241.184.78 (KRLINE.NET):
KRNIC,
KR. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:08:00 Win2K-f 190.157.94.5 (CABLE.NET.CO):
TV CABLE S.A,
CO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

21:18:00 Win2K-f 200.58.71.7 (SUPERNET.COM.BO):
COMTECO LTDA,
COCHABAMBA, COCHABAMBA, BO. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:26:00 Win2K-f 84.237.129.53 (-):
ADDRESS POOL FOR LTC-HOME CUSTOMERS,
RIGA, RIGA, LV. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:33:00 Win2K-f 190.108.19.173 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:21:35:00 Win2K-f 186.9.23.72 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

21:35:00 Win2K-f 201.11.253.6 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:36:00 Win2K-f 122.121.218.42 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:45:00 Win2K-f 66.109.29.195 (GALAXYVISIONS.COM):
GALAXYVISIONS INC,
ALBANY, NEW YORK, US. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:49:00 Win2K-f 85.41.145.36 (BUSINESS.TELECOMITALIA.IT):
AZIENDA REGIONALE DIRITTO ALL,
SIENA, TOSCANA, IT. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:51:00 Win2K-f 61.47.61.204 (ICSPACE.NET):
PACIFIC INTERNET THAILAND,
TH. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:04:00 Win2K-f 122.121.218.42 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:13:00 Win2K-f 123.54.21.118 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
HENAN, GUIZHOU, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 78ceaae025
[Firefox:15 hits: 11-22 to 01-18] none[3] none:none
UPX| none trace

22:15:00 Win2K-f 212.59.11.81 (ZEBRA.LT):
LIETUVOS,
VILNIUS, VILNIAUS APSKRITIS, LT. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:30:00 Win2K-f 213.55.76.238 (TELECOM.NET.ET):
ETHIOPIAN TELECOMMUNICATION CORPORATION,
ET. n/a US:www.maxmind.com
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:30:00 Win2K-f 82.65.48.201 (PROXAD.NET):
PROXAD / FREE SAS,
FR. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:33:00 Win2K-f 82.65.48.201 (PROXAD.NET):
PROXAD / FREE SAS,
FR. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:38:00 Win2K-f 219.64.197.94 (VSNL.NET.IN):
VIDESH SANCHAR NIGAM LTD - INDIA,
IN. (DIAL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
5 lines Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

22:44:00 Win2K-f 190.60.35.81 (IFXNETWORKS.COM):
IFX NETWORKS COLOMBIA,
CO. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

22:45:00 Win2K-f 122.116.132.31 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:47:00 Win2K-f 202.51.181.74 (ONEBD.COM):
ADVANCE TECHNOLOGY COMPUTERS LTD,
BD. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:22:52:00 Win2K-f 82.248.31.37 (PROXAD.NET):
PROXAD / FREE SAS,
CANNES, PROVENCE-ALPES-COTE D'AZUR, FR. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:04:00 Win2K-f 59.125.215.226 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:08:00 Win2K-f 85.152.72.163 (CM-85-152-72-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

23:08:00 Win2K-f 82.248.31.37 (PROXAD.NET):
PROXAD / FREE SAS,
CANNES, PROVENCE-ALPES-COTE D'AZUR, FR. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:15:00 Win2K-f 140.113.130.134 (NTU.EDU.TW):
TAIWAN ACADEMIC NETWORK,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:30:00 Win2K-f 87.16.76.86 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
IT. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:32:00 Win2K-f 140.113.130.134 (NTU.EDU.TW):
TAIWAN ACADEMIC NETWORK,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:34:00 Win2K-f 122.125.83.79 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:36:00 Win2K-f 200.41.23.228 (COM.AR):
IMPSAT ARGENTINA,
EZEIZA, BUENOS AIRES, AR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 bd35d4d98f
[Firefox:68 hits: 11-27 to 01-29] none[3] none:none
Armadillo| none trace

T:23:40:00 Win2K-f 122.124.68.210 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:50:00 Win2K-f 87.97.219.141 (GGBIT.NET):
EKK CATV PLOVDIV,
PLOVDIV, PLOVDIV, BG. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:58:00 Win2K-f 199.2.124.10 (SPRINTLINK.NET):
SPRINT,
US. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:59:00 Win2K-f 84.73.175.129 (HISPEED.CH):
CABLECOMMAIN-NET,
ZURICH, ZURICH, CH. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace