Multiperspective Malware Analysis Page

Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

05 February 2009
<prev> <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]

Time
Victim
OS
Infection
Source
C&C
Server
DNS Lookups &
Failed Connects Infection
Port
Packet
Trace
Detection
Signatures
Infection
Chatter
BotHunter
Analysis
Behavioral
Cluster
Forensic
Logs
Antivirus
Labels
Packed Malware_Binary Unpacked egg.exe
Unpacked egg.asm
Packer PEID
Data Strings
Syscall Trace

T:00:09:00 Win2K-f 123.195.61.192 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:13:00 Win2K-f 61.17.187.26 (VSNL.NET.IN):
VIDESH SANCHAR NIGAM LTD - INDIA,
CHENNAI, TAMIL NADU, IN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:00:27:00 Win2K-f 89.37.70.131 (-):
SC MONIKA SUPERSERV SRL,
BUCHAREST, BUCURESTI, RO. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:28:00 Win2K-f 60.54.39.60 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:29:00 Win2K-f 123.195.61.192 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:39:00 Win2K-f 114.51.17.192 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:41:00 Win2K-f 83.49.223.151 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
MADRID, MADRID, ES. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 bd35d4d98f
[Firefox:68 hits: 11-27 to 01-29] none[3] none:none
Armadillo| none trace

T:00:43:00 Win2K-f 123.195.206.86 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:48:00 Win2K-f 218.161.102.177 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

00:52:00 Win2K-f 212.117.162.204 (-):
EYENET,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:53:00 Win2K-f 122.118.69.93 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 216ec67841
[Firefox:236 hits: 11-20 to 01-29] none[3] none:none
StarForce| none trace

01:03:00 Win2K-f 221.125.141.54 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HK. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:09:00 Win2K-f 212.1.226.115 (TI.RU):
INTERNAL INFRASTRUCTURE,
RU. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:793 hits: 11-21 to 01-28] none[3] none:none
StarForce| none trace

T:01:09:00 Win2K-f 62.5.164.88 (-):
MTU-CUST-2EEA,
MOSCOW, MOSKVA, RU. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

01:35:00 Win2K-f 59.120.239.144 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:35:00 Win2K-f 116.53.49.68 (CN.NET):
CHINANET YUNNAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:232 hits: 12-19 to 01-29] none[3] none:none
MEW| none trace

T:01:43:00 Win2K-f 116.53.49.68 (CN.NET):
CHINANET YUNNAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:232 hits: 12-19 to 01-29] none[3] none:none
MEW| none trace

T:01:45:00 Win2K-f 61.230.124.181 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:45:00 Win2K-f 87.121.148.49 (NETERRA.NET):
NETERRAIP,
BG. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

T:01:47:00 Win2K-f 59.115.162.185 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:57:00 Win2K-f 82.17.108.74 (NTL.COM):
NTL INFRASTRUCTURE - LEICESTER,
UK. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:01:00 Win2K-f 213.107.128.101 (NTL.COM):
NTL LUTON - CABLE HEADEND,
STEVENAGE, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:07:00 Win2K-f 58.68.73.34 (-):
DISHNET WIRELESS LTD INDIA,
HYDERABAD, ANDHRA PRADESH, IN. (DIAL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

02:21:00 Win2K-f 79.23.242.217 (SRC.ORG):
TELECOM ITALIA NET,
ROME, LAZIO, IT. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:21:00 Win2K-f 122.118.74.239 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

T:02:34:00 Win2K-f 79.23.242.217 (SRC.ORG):
TELECOM ITALIA NET,
ROME, LAZIO, IT. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:35:00 Win2K-f 125.230.161.243 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:35:00 Win2K-f 213.107.128.101 (NTL.COM):
NTL LUTON - CABLE HEADEND,
STEVENAGE, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:47:00 Win2K-f 212.117.162.204 (-):
EYENET,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:47:00 Win2K-f 61.230.124.181 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:52:00 Win2K-f 59.104.24.89 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:04:00 Win2K-f 125.110.165.76 (163DATA.COM.CN):
CHINANET-ZJ WENZHOU NODE NETWORK,
WENZHOU, ZHEJIANG, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:23:00 Win2K-f 118.171.173.109 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:47:00 Win2K-f 122.125.84.94 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:47:00 Win2K-f 24.86.102.99 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
BURNABY, BRITISH COLUMBIA, CA. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:51:00 Win2K-f 69.61.202.61 (FUSE.NET):
FUSE INTERNET ACCESS,
ERLANGER, KENTUCKY, US. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:05:00 Win2K-f 219.86.224.251 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:05:00 Win2K-f 123.204.168.120 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:10:00 Win2K-f 122.2.212.112 (PLDT.NET):
IPG,
PH. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:28:00 Win2K-f 82.106.156.124 (BUSINESS.TELECOMITALIA.IT):
TELECOM ITALIA WIRELINE SERVICES,
IT. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:39:00 Win2K-f 122.2.212.112 (PLDT.NET):
IPG,
PH. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:44:00 Win2K-f 69.61.202.61 (FUSE.NET):
FUSE INTERNET ACCESS,
ERLANGER, KENTUCKY, US. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:49:00 Win2K-f 85.126.7.211 (-):
H. STOCKER GMBHKAMINSYSTEME,
INNSBRUCK, TIROL, AT. (100Mbps) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:06:00 Win2K-f 200.68.36.187 (PTR.TIC.CL):
TEEMSR-LACNIC,
SANTIAGO, REGION METROPOLITANA, CL. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:13:00 Win2K-f 190.157.57.49 (CABLE.NET.CO):
TV CABLE S.A,
CO. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:14:00 Win2K-f 203.73.111.169 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:33:00 Win2K-f 119.77.221.8 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:36:00 Win2K-f 71.99.186.81 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
TAMPA, FLORIDA, US. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

T:05:54:00 Win2K-f 117.44.16.58 (163DATA.COM.CN):
CHINANET JIANGXI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 216ec67841
[Firefox:236 hits: 11-20 to 01-29] none[3] none:none
StarForce| none trace

06:00:00 WinXP 70.182.94.50 (COX.NET):
COX COMMUNICATIONS,
OKLAHOMA CITY, OKLAHOMA, US. 61.235.117.81:65520 HK:proxim.ircgalaxy.pl
US:microsoft.com
EU:childhe.com
NL:griehe.com 135 pcap raw alerts
ruleset irc
http
157 lines Yeah : 1.8
profile none summary
tarball 25 of 39
10 of 39
32 of 33
10 of 39
29 of 33 4a56334f3f
NEW
6229df4eee
NEW
87e1117f2a
[Firefox:35 hits: 07-18 to 11-19]
95ec62569d
NEW
b4fe4581c3
[Firefox:35 hits: 07-18 to 11-19] none[none]
none [none]
none [none]
none [none]
none [none] none:none
none:none
none:none
none:none
none:none
none|none
none|none
none|none
none|none
none|none none
none
none
none
none none
none
none
none
none

06:01:00 Win2K-f 61.64.18.157 (-):
PHOENIX CATV C,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:03:00 Win2K-f 84.40.31.93 (CANDIDHOSTING.COM):
HOSTWAY TAMPA FL,
TAMPA, KANSAS, US. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

06:09:00 Win2K-f 122.5.181.95 (163DATA.COM.CN):
CHINANET SHANDONG PROVINCE NETWORK,
JINAN, SHANDONG, CN. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:06:14:00 Win2K-f 91.82.62.11 (-):
BOLY POLGARMESTERI HIVATAL,
HU. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:28:00 Win2K-f 59.115.182.137 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:28:00 Win2K-f 186.9.145.252 (-):
. n/a US:www.maxmind.com
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:42:00 Win2K-f 190.128.78.35 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 4f88618d4f
[Firefox:113 hits: 11-29 to 01-29] none[3] none:none
UPX| none trace

06:44:00 Win2K-f 190.24.241.78 (ETB.NET.CO):
ETB - COLOMBIA,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:46:00 Win2K-f 213.147.34.212 (-):
SUBNETWORK FOR VM2676-RIPE,
RU. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:58:00 Win2K-f 212.163.133.78 (LOCALHOST):
BT TELECOMUNICACIONES,
MADRID, MADRID, ES. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:00:00 Win2K-f 125.21.226.158 (125.AIRTELBROADBAND.IN):
BHARTI TELEVENTURES LTD. - ABTS,
DELHI, DELHI, IN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 507252387e
[Firefox:57 hits: 11-27 to 01-20] none[3] none:none
UPX| none trace

T:07:02:00 Win2K-f 190.64.30.255 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. (DIAL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:793 hits: 11-21 to 01-28] none[3] none:none
StarForce| none trace

T:07:03:00 Win2K-f 59.125.3.213 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:07:17:00 Win2K-f 190.24.241.78 (ETB.NET.CO):
ETB - COLOMBIA,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:27:00 Win2K-f 71.99.186.81 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
TAMPA, FLORIDA, US. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

07:29:00 Win2K-f 203.77.62.189 (GCN.NET.TW):
GLOBAL COMMUNICATION NETWORK CORP,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:29:00 Win2K-f 87.97.199.245 (GGBIT.NET):
EKK CATV PLOVDIV,
PLOVDIV, PLOVDIV, BG. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

T:07:40:00 Win2K-f 123.204.11.234 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:43:00 Win2K-f 200.49.22.57 (BSR1000.PAPNET.CL):
PLUG AND PLAY NET S.A,
CL. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 bd35d4d98f
[Firefox:68 hits: 11-27 to 01-29] none[3] none:none
Armadillo| none trace

07:55:00 Win2K-f 200.71.98.203 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 71afca1665
[Firefox:101 hits: 11-23 to 01-20] none[3] none:none
StarForce| none trace

T:08:03:00 Win2K-f 190.0.86.33 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

08:04:00 Win2K-f 190.50.37.96 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

08:05:00 Win2K-f 85.126.7.211 (-):
H. STOCKER GMBHKAMINSYSTEME,
INNSBRUCK, TIROL, AT. (100Mbps) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:11:00 Win2K-f 218.62.248.190 (CN.NET):
CHINANET YUNNAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:19:00 Win2K-f 125.21.226.158 (125.AIRTELBROADBAND.IN):
BHARTI TELEVENTURES LTD. - ABTS,
DELHI, DELHI, IN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 507252387e
[Firefox:57 hits: 11-27 to 01-20] none[3] none:none
UPX| none trace

T:08:22:00 Win2K-f 200.71.98.203 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 71afca1665
[Firefox:101 hits: 11-23 to 01-20] none[3] none:none
StarForce| none trace

T:08:35:00 Win2K-f 210.55.78.120 (QUICKER.NET.NZ):
WORLD-NET LIMITED,
AUCKLAND, AUCKLAND, NZ. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:38:00 Win2K-f 190.50.37.96 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

08:46:00 Win2K-f 190.68.249.94 (TELECOM.COM.CO):
COLOMBIA TELECOMUNICACIONES S.A. ESP,
CO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:52:00 Win2K-f 190.68.249.94 (TELECOM.COM.CO):
COLOMBIA TELECOMUNICACIONES S.A. ESP,
CO. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:01:00 Win2K-f 196.12.10.13 (-):
. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

09:06:00 Win2K-f 190.64.15.2 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. (DIAL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:12:00 Win2K-f 190.64.151.80 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. (DIAL) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:09:27:00 Win2K-f 61.224.103.111 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:793 hits: 11-21 to 01-28] none[3] none:none
StarForce| none trace

09:28:00 Win2K-f 189.38.193.110 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

09:33:00 Win2K-f 218.62.248.190 (CN.NET):
CHINANET YUNNAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:41:00 Win2K-f 123.204.11.234 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:41:00 Win2K-f 66.77.206.81 (BAYSHOREHOSTING.COM):
BAYSHORE SOLUTIONS,
LOS ANGELES, CALIFORNIA, US. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:47:00 Win2K-f 190.64.15.2 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. (DIAL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:53:00 Win2K-f 89.19.12.82 (CIZGIBILGISAYAR.COM):
CIZGI BILGISAYAR SISTEMLERI SAN. TIC. LTD. STI,
TR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:57:00 Win2K-f 66.77.206.81 (BAYSHOREHOSTING.COM):
BAYSHORE SOLUTIONS,
LOS ANGELES, CALIFORNIA, US. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:59:00 Win2K-f 210.64.116.197 (SEED.NET.TW):
DIGITAL UNITED INC,
TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:10:00 Win2K-f 190.0.86.33 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:10:13:00 Win2K-f 190.64.151.80 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. (DIAL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:10:21:00 Win2K-f 200.49.22.57 (BSR1000.PAPNET.CL):
PLUG AND PLAY NET S.A,
CL. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 bd35d4d98f
[Firefox:68 hits: 11-27 to 01-29] none[3] none:none
Armadillo| none trace

10:25:00 Win2K-f 89.101.91.245 (NTLWORLD.IE):
NTL COMMUNICATIONS (IRELAND) LIMITED,
IE. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:27:00 Win2K-f 201.88.111.218 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:32:00 Win2K-f 187.5.100.75 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

10:33:00 Win2K-f 64.92.216.133 (DATA393.NET):
DATA393 INC,
ENGLEWOOD, COLORADO, US. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:54:00 Win2K-f 218.170.223.112 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:11:00 Win2K-f 213.42.198.246 (-):
SWISS ARABIAN PERFUMES IND LLC,
DUBAI, DUBAI, AE. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:15:00 Win2K-f 190.51.242.148 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

T:11:36:00 Win2K-f 218.170.223.112 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:37:00 Win2K-f 69.1.239.99 (-):
ARBINET-THEXCHANGE INC,
NEW BRUNSWICK, NEW JERSEY, US. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:39:00 Win2K-f 200.87.177.189 (ORION.PNUD.BO):
ENTEL S.A. - ENTELNET,
BO. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:43:00 Win2K-f 190.50.42.73 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:59:00 Win2K-f 201.25.117.146 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:12:01:00 Win2K-f 64.92.216.133 (DATA393.NET):
DATA393 INC,
ENGLEWOOD, COLORADO, US. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
7 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:11:00 Win2K-f 189.61.86.167 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:793 hits: 11-21 to 01-28] none[3] none:none
StarForce| none trace

12:15:00 Win2K-f 210.64.116.197 (SEED.NET.TW):
DIGITAL UNITED INC,
TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:29:00 Win2K-f 190.15.195.18 (ITCSA.NET):
INFORMTICA Y TELECOMUNICACIONES S.A,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

12:50:00 Win2K-f 62.105.6.59 (ISURGUT.RU):
OPEN JOINT-STOCK COMPANY URALSVIAZINFORM BRANCH OF THE KHANTYMANSIYSK REGION,
RU. (DIAL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:56:00 Win2K-f 62.105.6.59 (ISURGUT.RU):
OPEN JOINT-STOCK COMPANY URALSVIAZINFORM BRANCH OF THE KHANTYMANSIYSK REGION,
RU. (DIAL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:58:00 Win2K-f 66.109.31.37 (GALAXYVISIONS.COM):
GALAXYVISIONS INC,
ALBANY, NEW YORK, US. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:05:00 Win2K-f 196.43.78.98 (TTCLDATA.NET):
AFRINIC,
DAR ES SALAAM, DAR ES SALAAM, TZ. n/a US:www.maxmind.com
TZ:196.43.78.98:7385
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:20:00 Win2K-f 80.82.84.62 (-):
JOINT STOCK COMPANY INFONET,
RU. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:42:00 Win2K-f 94.102.7.36 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:48:00 Win2K-f 189.61.86.167 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:793 hits: 11-21 to 01-28] none[3] none:none
StarForce| none trace

13:48:00 Win2K-f 80.82.84.62 (-):
JOINT STOCK COMPANY INFONET,
RU. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:49:00 Win2K-f 189.63.34.233 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] none[3] none:none
Armadillo| none trace

T:13:52:00 Win2K-f 189.63.34.233 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] none[3] none:none
Armadillo| none trace

T:13:58:00 WinXP 80.62.168.192 (ADSL-DHCP.TELE.DK):
TDC-TELEDANMARK-BREDBAANDSADSL-NET,
VIRUM, COPENHAGEN, DK. (DSL) 61.235.117.81:65520 EU:bglhnvxueb.net
:jebo.name
US:windownupdates.biz
:sutraway.info
:bricksfree.info
:electron.name
US:bontrafic.org
US:impression.name 139 pcap raw alerts
ruleset irc
http
http
http
182 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:13:59:00 Win2K-f 78.56.211.146 (ZEBRA.LT):
LIETUVOS,
LT. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:22:00 Win2K-f 208.68.113.71 (LCOM.NET):
LIBERTY COMMUNICATIONS,
WEST BRANCH, IOWA, US. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:14:23:00 Win2K-f 94.76.204.85 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
3 lines Yeah : 0.8
profile none summary
tarball 7 of 37 3862324588
[Firefox:157 hits: 11-29 to 01-21] none[3] none:none
UPX| none trace

T:14:23:00 Win2K-f 85.251.29.224 (ONO.COM):
AUNA - ARAGON,
ES. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

14:27:00 Win2K-f 202.141.224.43 (MULTI.NET.PK):
MULTINETBROADBAND,
KARACHI, SINDH, PK. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:28:00 Win2K-f 190.157.57.49 (CABLE.NET.CO):
TV CABLE S.A,
CO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset lanman
http
27 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:33:00 Win2K-f 208.68.113.71 (LCOM.NET):
LIBERTY COMMUNICATIONS,
WEST BRANCH, IOWA, US. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:14:47:00 Win2K-f 201.32.232.199 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:50:00 Win2K-f 190.220.111.50 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:54:00 Win2K-f 94.76.204.85 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 3862324588
[Firefox:157 hits: 11-29 to 01-21] none[3] none:none
UPX| none trace

14:59:00 Win2K-f 85.251.29.224 (ONO.COM):
AUNA - ARAGON,
ES. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:15:03:00 Win2K-f 81.84.39.232 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
LISBON, LISBOA, PT. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:11:00 Win2K-f 200.114.9.173 (INTERCABLE.NET.CO):
TV CABLE PROMISION S.A,
BUCARAMANGA, SANTANDER, CO. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

15:12:00 Win2K-f 190.90.110.235 (EQUITEL.COM.CO):
INTERNEXA S.A. E.S.P,
CO. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:17:00 Win2K-f 122.121.0.25 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:28:00 Win2K-f 91.139.198.118 (-):
CABLETEL_CMTS,
BG. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 9 of 38 e1a2e3980d
[Firefox:29 hits: 12-05 to 01-26] none[3] none:none
UPX| none trace

T:15:30:00 Win2K-f 84.126.51.56 (ONO.COM):
PROVIDER LOCAL REGISTRY,
ES. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:15:30:00 Win2K-f 200.112.243.20 (CMET.NET):
CMET SACI,
SANTIAGO, REGION METROPOLITANA, CL. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:15:31:00 Win2K-f 123.195.63.44 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:55:00 Win2K-f 91.139.198.118 (-):
CABLETEL_CMTS,
BG. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 9 of 38 e1a2e3980d
[Firefox:29 hits: 12-05 to 01-26] none[3] none:none
UPX| none trace

15:57:00 Win2K-f 84.51.80.232 (IPAPER.COM):
BLOCK FOR PI ASSIGNMENTS,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:793 hits: 11-21 to 01-28] none[3] none:none
StarForce| none trace

16:12:00 Win2K-f 83.103.39.221 (IP.FASTWEBNET.IT):
SOFTWORK DI PAPOIA PUBLIC SUBNET,
ROME, LAZIO, IT. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:16:00 Win2K-f 190.51.135.170 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

16:23:00 Win2K-f 78.34.55.160 (NETCOLOGNE.DE):
NETCOLOGNE GMBH,
KOELN, NORDRHEIN-WESTFALEN, DE. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:23:00 Win2K-f 123.204.78.30 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:31:00 Win2K-f 96.10.116.65 (-):
. n/a 135 pcap raw alerts
ruleset other
5 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:16:34:00 Win2K-f 123.204.78.30 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:35:00 Win2K-f 78.34.55.160 (NETCOLOGNE.DE):
NETCOLOGNE GMBH,
KOELN, NORDRHEIN-WESTFALEN, DE. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:40:00 Win2K-f 62.193.22.103 (MAPNAGENERATOR.COM):
DPI,
IR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:16:46:00 Win2K-f 213.0.109.137 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
VIGO, GALICIA, ES. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:16:48:00 Win2K-f 189.123.168.0 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:17:01:00 Win2K-f 212.112.227.68 (IPXSERVER.DE):
IPX SERVER GMBH,
DE. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:02:00 Win2K-f 59.105.21.79 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:12:00 Win2K-f 202.141.224.43 (MULTI.NET.PK):
MULTINETBROADBAND,
KARACHI, SINDH, PK. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:13:00 Win2K-f 219.87.248.247 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:17:00 Win2K-f 200.35.41.243 (EDATEL.NET.CO):
EDATEL S.A. E.S.P,
CO. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:30:00 Win2K-f 82.12.102.108 (NTL.COM):
NTL INFRASTRUCTURE - LUTON,
LONDON, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 507252387e
[Firefox:57 hits: 11-27 to 01-20] none[3] none:none
UPX| none trace

17:36:00 Win2K-f 212.112.227.68 (IPXSERVER.DE):
IPX SERVER GMBH,
DE. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:49:00 Win2K-f 189.58.148.103 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

17:56:00 Win2K-f 218.108.61.171 (EMALLS.COM.CN):
BEIJING OPTIEAST NETWORKS TECH CO. LTD,
BEIJING, GUANGDONG, CN. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

17:56:00 Win2K-f 89.19.14.66 (CIZGIBILGISAYAR.COM):
CIZGI BILGISAYAR SISTEMLERI SAN. TIC. LTD. STI,
TR. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:15:00 Win2K-f 218.108.61.171 (EMALLS.COM.CN):
BEIJING OPTIEAST NETWORKS TECH CO. LTD,
BEIJING, GUANGDONG, CN. (100Mbps) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

18:18:00 Win2K-f 59.104.169.189 (SEED.NET.TW):
DIGITAL UNITED I,
KAOHSIUNG, KAO-HSIUNG, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:30:00 Win2K-f 203.67.163.211 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:33:00 Win2K-f 94.102.9.12 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:38:00 Win2K-f 122.127.219.137 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:39:00 Win2K-f 190.66.24.202 (TELECOM.COM.CO):
COLOMBIA TELECOMUNICACIONES S.A. ESP,
CO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:18:41:00 Win2K-f 122.127.219.137 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:43:00 Win2K-f 60.250.202.148 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:45:00 Win2K-f 81.56.162.17 (PROXAD.NET):
PROXAD / FREE SAS,
PARIS, ILE-DE-FRANCE, FR. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:00:00 Win2K-f 61.47.61.205 (ICSPACE.NET):
PACIFIC INTERNET THAILAND,
TH. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:05:00 Win2K-f 190.49.56.32 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:18:00 Win2K-f 217.31.178.170 (BITNET.NU):
ADSL FOR PRIVATE CUSTOMERS,
BORLäNGE, DALARNAS, SE. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:30:00 Win2K-f 64.38.91.122 (SPEAKEASY.NET):
US. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

19:31:00 Win2K-f 222.88.122.216 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:48:00 Win2K-f 217.31.178.170 (BITNET.NU):
ADSL FOR PRIVATE CUSTOMERS,
BORLäNGE, DALARNAS, SE. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:55:00 Win2K-f 130.13.147.151 (QWEST.NET):
QWEST BROADBAND SERVICES INC,
PHOENIX, ARIZONA, US. n/a 135 pcap raw alerts
ruleset shell
ftp
16 lines Yeah : 1.3
profile none summary
tarball 33 of 36 15717cd327
[Firefox:14 hits: 11-05 to 01-29] 5b359cd0eb [0] ASM:Graph
PeCompact| lines=2438
embedded dns trace

19:56:00 Win2K-f 201.24.4.124 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:05:00 Win2K-f 203.67.163.211 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:12:00 Win2K-f 114.40.198.62 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:24:00 Win2K-f 222.88.122.216 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:27:00 Win2K-f 190.26.166.12 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:42:00 Win2K-f 61.47.61.205 (ICSPACE.NET):
PACIFIC INTERNET THAILAND,
TH. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:43:00 Win2K-f 114.40.198.62 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:51:00 Win2K-f 89.19.15.106 (CIZGIBILGISAYAR.COM):
CIZGI BILGISAYAR SISTEMLERI SAN. TIC. LTD. STI,
TR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:07:00 Win2K-f 88.84.24.179 (-):
WASSER - UND ELEKTRIZITAETSWERK DER GEMEINDE BUCHS SG,
CH. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:09:00 Win2K-f 194.8.75.239 (LIX.LV):
LAST RESORT LOCAL REGISTRY,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:21:17:00 Win2K-f 218.75.146.168 (-):
CHINANET-HN CHANGDE NODE NETWORK,
CHANGDE, HUNAN, CN. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:20:00 Win2K-f 220.137.113.101 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:22:00 Win2K-f 218.75.146.168 (-):
CHINANET-HN CHANGDE NODE NETWORK,
CHANGDE, HUNAN, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:26:00 Win2K-f 118.160.236.170 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:37:00 Win2K-f 89.19.15.106 (CIZGIBILGISAYAR.COM):
CIZGI BILGISAYAR SISTEMLERI SAN. TIC. LTD. STI,
TR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:38:00 Win2K-f 122.118.210.30 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:42:00 Win2K-f 61.67.135.41 (KBTELECOM.NET.TW):
KOOS BROADBAND TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:47:00 Win2K-f 186.9.147.244 (-):
. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:21:48:00 Win2K-f 122.117.23.196 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:55:00 Win2K-f 117.22.83.162 (163DATA.COM.CN):
CHINANET SHANXI(SN) PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:56:00 Win2K-f 195.62.234.139 (VOIP.EUTELIA.IT):
EDISONTEL,
IT. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:56:00 Win2K-f 201.172.126.166 (MULTIMEDIOS.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MX. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:22:08:00 Win2K-f 88.84.24.179 (-):
WASSER - UND ELEKTRIZITAETSWERK DER GEMEINDE BUCHS SG,
CH. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:15:00 Win2K-f 195.62.234.139 (VOIP.EUTELIA.IT):
EDISONTEL,
IT. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:28:00 Win2K-f 117.22.83.162 (163DATA.COM.CN):
CHINANET SHANXI(SN) PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:28:00 Win2K-f 217.95.77.96 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
DARMSTADT, HESSEN, DE. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:40:00 Win2K-f 61.67.135.41 (KBTELECOM.NET.TW):
KOOS BROADBAND TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:42:00 Win2K-f 125.224.35.33 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:55:00 Win2K-f 123.195.74.153 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:04:00 Win2K-f 186.9.147.244 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:07:00 Win2K-f 130.13.167.61 (QWEST.NET):
QWEST BROADBAND SERVICES INC,
PHOENIX, ARIZONA, US. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:09:00 Win2K-f 219.71.113.119 (NVWTV.COM.TW):
HOSHIN GIGAMEDIA CENTER INC,
TW. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:21:00 Win2K-f 59.115.77.223 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:22:00 Win2K-f 125.224.35.33 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:38:00 Win2K-f 201.24.4.106 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:44:00 Win2K-f 203.70.122.250 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:54:00 Win2K-f 123.195.201.65 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace