Multiperspective Malware Analysis Page

Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

06 February 2009
<prev> <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]

Time
Victim
OS
Infection
Source
C&C
Server
DNS Lookups &
Failed Connects Infection
Port
Packet
Trace
Detection
Signatures
Infection
Chatter
BotHunter
Analysis
Behavioral
Cluster
Forensic
Logs
Antivirus
Labels
Packed Malware_Binary Unpacked egg.exe
Unpacked egg.asm
Packer PEID
Data Strings
Syscall Trace

00:05:00 Win2K-f 116.52.112.52 (CN.NET):
CHINANET YUNNAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:20:00 Win2K-f 190.2.0.70 (IPLANNETWORKS.NET):
NSS S.A,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:23:00 Win2K-f 200.42.215.44 (TRICOM.NET):
TRICOM,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:00:24:00 Win2K-f 74.63.193.228 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:25:00 Win2K-f 92.82.95.230 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:00:44:00 Win2K-f 59.114.123.235 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:44:00 Win2K-f 200.3.221.57 (NET.AR):
TELEDIFUSORA S.A,
ROSARIO, SANTA FE, AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

00:52:00 Win2K-f 200.3.221.57 (NET.AR):
TELEDIFUSORA S.A,
ROSARIO, SANTA FE, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

00:53:00 Win2K-f 203.70.85.162 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:05:00 Win2K-f 220.136.19.12 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

01:07:00 Win2K-f 118.170.88.118 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 3862324588
[Firefox:157 hits: 11-29 to 01-21] none[3] none:none
UPX| none trace

T:01:29:00 Win2K-f 77.42.66.83 (VICENZAWIRELESS.COM):
E4A,
IT. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:39:00 Win2K-f 203.70.110.62 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:47:00 Win2K-f 220.136.19.12 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:01:53:00 Win2K-f 122.124.164.64 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:00:00 Win2K-f 124.8.6.251 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:06:00 Win2K-f 140.113.165.40 (TTCT.EDU.TW):
TAIWAN ACADEMIC NETWORK,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:232 hits: 12-19 to 01-29] none[3] none:none
MEW| none trace

T:02:14:00 Win2K-f 59.92.255.23 (10/24.BSNL.IN):
NIB (NATIONAL INTERNET BACKBONE),
BANGALORE, KARNATAKA, IN. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:20:00 Win2K-f 122.124.164.64 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:22:00 Win2K-f 59.95.9.216 (10/24.BSNL.IN):
NIB (NATIONAL INTERNET BACKBONE),
DELHI, DELHI, IN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:25:00 Win2K-f 59.92.255.23 (10/24.BSNL.IN):
NIB (NATIONAL INTERNET BACKBONE),
BANGALORE, KARNATAKA, IN. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:31:00 Win2K-f 123.204.143.62 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:32:00 Win2K-f 95.28.229.240 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:34:00 Win2K-f 61.19.248.28 (THAITSUNAMI.COM):
CAT TELECOM DATA COMM. DEPT INTRENET OFFICE,
TH. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:02:35:00 Win2K-f 130.13.153.91 (QWEST.NET):
QWEST BROADBAND SERVICES INC,
PHOENIX, ARIZONA, US. n/a 135 pcap raw alerts
ruleset shell
ftp
16 lines Yeah : 1.3
profile none summary
tarball 33 of 36 15717cd327
[Firefox:14 hits: 11-05 to 01-29] 5b359cd0eb [0] ASM:Graph
PeCompact| lines=2438
embedded dns trace

02:35:00 Win2K-f 200.71.107.224 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:40:00 Win2K-f 121.70.204.8 (-):
BEIJING KUANDAITONG TELECOM TECHNOLOGY CO. LTD,
BEIJING, GUANGDONG, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:51:00 Win2K-f 119.125.24.58 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:04:00 Win2K-f 72.90.84.227 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
US. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:06:00 Win2K-f 122.118.19.3 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:07:00 Win2K-f 200.49.248.33 (-):
TELMEX USA,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:13:00 Win2K-f 121.70.204.8 (-):
BEIJING KUANDAITONG TELECOM TECHNOLOGY CO. LTD,
BEIJING, GUANGDONG, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:18:00 Win2K-f 122.118.19.3 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:21:00 Win2K-f 211.75.67.43 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:34:00 Win2K-f 119.60.132.173 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:03:44:00 Win2K-f 61.19.248.28 (THAITSUNAMI.COM):
CAT TELECOM DATA COMM. DEPT INTRENET OFFICE,
TH. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

03:45:00 Win2K-f 122.118.238.184 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:47:00 Win2K-f 58.23.170.121 (-):
CNCGROUP FUJIAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:49:00 Win2K-f 121.32.101.191 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
GUANGZHOU, GUANGDONG, CN. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:03:52:00 Win2K-f 77.108.99.74 (AVI.RU):
COMCOR,
RU. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] none[3] none:none
Armadillo| none trace

03:57:00 Win2K-f 77.108.99.74 (AVI.RU):
COMCOR,
RU. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] none[3] none:none
Armadillo| none trace

T:04:01:00 Win2K-f 92.48.65.19 (IKBCC.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:04:03:00 Win2K-f 119.60.132.173 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

04:06:00 Win2K-f 82.254.61.83 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 20 of 39 302c26a91d
NEW none[none] none:none
none|none none none

T:04:15:00 Win2K-f 59.126.119.73 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:21:00 Win2K-f 119.125.24.58 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:26:00 Win2K-f 91.66.219.67 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] none[3] none:none
Armadillo| none trace

04:33:00 Win2K-f 79.115.177.79 (RDSNET.RO):
RDS,
BUCHAREST, BUCURESTI, RO. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:35:00 Win2K-f 92.48.65.19 (IKBCC.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

04:44:00 Win2K-f 200.80.157.122 (TECHTELNET.NET):
AT&T ARGENTINA S.A,
CONCORDIA, ENTRE RIOS, AR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:04:46:00 Win2K-f 193.0.69.47 (EDU.PL):
WARSAW UNIVERSITY COMPUTER NETWORK,
WARSAW, MAZOWIECKIE, PL. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:48:00 Win2K-f 200.81.146.217 (TECHTELNET.NET):
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
3 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:48:00 Win2K-f 220.141.97.195 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:54:00 Win2K-f 117.33.99.129 (163DATA.COM.CN):
CHINANET SHANXI(SN) PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

04:54:00 Win2K-f 91.102.160.226 (ATOLYEWEB.NET):
DATAFON ILETISIM A.S,
TR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:10:00 Win2K-f 59.112.44.12 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:27:00 Win2K-f 60.178.44.129 (163DATA.COM.CN):
CHINANET-ZJ NINGBO NODE NETWORK,
NINGBO, ZHEJIANG, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:30:00 Win2K-f 203.70.120.20 (SEED.NET.TW):
DIGITAL UNITED INC,
KAOHSIUNG, KAO-HSIUNG, TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:50:00 Win2K-f 59.114.142.226 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:51:00 Win2K-f 91.102.160.226 (ATOLYEWEB.NET):
DATAFON ILETISIM A.S,
TR. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:02:00 Win2K-f 81.57.147.238 (PROXAD.NET):
PROXAD / FREE SAS,
PARIS, ILE-DE-FRANCE, FR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:05:00 Win2K-f 81.57.147.238 (PROXAD.NET):
PROXAD / FREE SAS,
PARIS, ILE-DE-FRANCE, FR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:28:00 Win2K-f 59.114.142.226 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:31:00 Win2K-f 59.125.193.140 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:06:36:00 Win2K-f 200.81.146.217 (TECHTELNET.NET):
AR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:39:00 Win2K-f 77.23.118.133 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] none[3] none:none
Armadillo| none trace

T:06:43:00 Win2K-f 88.65.77.18 (ARCOR-IP.NET):
ARCOR-DSL-NET,
TRIER, RHEINLAND-PFALZ, DE. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] none[3] none:none
Armadillo| none trace

06:53:00 Win2K-f 91.66.219.67 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] none[3] none:none
Armadillo| none trace

06:54:00 Win2K-f 220.189.160.228 (163DATA.COM.CN):
CHINANET-ZJ TAIZHOU NODE NETWORK,
CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:54:00 Win2K-f 200.49.22.40 (BSR1000.PAPNET.CL):
PLUG AND PLAY NET S.A,
CL. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 bd35d4d98f
[Firefox:68 hits: 11-27 to 01-29] none[3] none:none
Armadillo| none trace

06:55:00 Win2K-f 94.102.6.224 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:18:00 Win2K-f 59.112.250.192 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:21:00 Win2K-f 190.51.103.101 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

07:36:00 Win2K-f 92.48.65.19 (IKBCC.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

07:49:00 Win2K-f 190.204.168.7 (CANTV.NET):
CANTV SERVICIOS VENEZUELA,
VE. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:56:00 Win2K-f 75.119.108.34 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:08:00 Win2K-f 24.120.34.39 (COX.NET):
COX COMMUNICATIONS INC,
LAS VEGAS, NEVADA, US. n/a US:www.maxmind.com
:checkip.dyndns.org
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:17:00 Win2K-f 71.111.65.218 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
BEAVERTON, OREGON, US. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:18:00 Win2K-f 78.110.9.2 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:23:00 Win2K-f 201.67.46.226 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:31:00 Win2K-f 201.73.242.53 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:08:35:00 Win2K-f 123.195.17.100 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:45:00 Win2K-f 212.6.58.36 (DPI.NET.IR):
ARCHWAY,
IT. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:52:00 Win2K-f 200.106.197.73 (SUPERCABLETV.NET.CO):
SUPERCABLE TELECOMUNICACIONES,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:06:00 Win2K-f 78.59.132.198 (ZEBRA.LT):
LIETUVOS,
LT. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:11:00 Win2K-f 78.110.9.2 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:18:00 Win2K-f 186.9.23.175 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:21:00 Win2K-f 190.3.92.194 (TECHTELNET.NET):
TECHTEL LMDS COMUNICACIONES INTERACTIVAS S.A,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:26:00 Win2K-f 88.65.77.18 (ARCOR-IP.NET):
ARCOR-DSL-NET,
TRIER, RHEINLAND-PFALZ, DE. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] none[3] none:none
Armadillo| none trace

T:09:26:00 Win2K-f 190.3.92.194 (TECHTELNET.NET):
TECHTEL LMDS COMUNICACIONES INTERACTIVAS S.A,
AR. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:40:00 Win2K-f 94.223.183.16 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:53:00 Win2K-f 38.99.182.6 (COGENTCO.COM):
PERFORMANCE SYSTEMS INTERNATIONAL INC,
WASHINGTON, DISTRICT OF COLUMBIA, US. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

09:53:00 Win2K-f 190.26.75.94 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:10:02:00 Win2K-f 66.107.74.2 (ALGX.NET):
XO COMMUNICATIONS,
VOORHEES, NEW JERSEY, US. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:07:00 Win2K-f 61.219.59.5 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:13:00 Win2K-f 59.93.87.14 (10/24.BSNL.IN):
NIB (NATIONAL INTERNET BACKBONE),
HYDERABAD, ANDHRA PRADESH, IN. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:29:00 Win2K-f 190.81.111.136 (TELMEX.COM.PE):
TELMEX PERU S.A,
PE. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:34:00 Win2K-f 67.14.235.51 (BROADSTAR.COM):
BROADSTAR,
POMPANO BEACH, FLORIDA, US. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:37:00 Win2K-f 186.9.23.175 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:10:38:00 Win2K-f 117.33.52.41 (163DATA.COM.CN):
CHINANET SHANXI(SN) PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

10:46:00 Win2K-f 211.74.48.85 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:52:00 Win2K-f 200.108.255.98 (DEDICADO.COM.UY):
TECNOWIND S.A,
MONTEVIDEO, MONTEVIDEO, UY. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:11:01:00 Win2K-f 119.1.93.52 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:232 hits: 12-19 to 01-29] none[3] none:none
MEW| none trace

11:01:00 Win2K-f 116.59.189.60 (-):
MOBILE BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:04:00 Win2K-f 212.58.116.38 (ALDAGI.COM.GE):
IBERIAPAC,
GE. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

11:20:00 Win2K-f 88.2.179.84 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
VALENCIA, VALENCIA, ES. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:27:00 Win2K-f 91.65.48.34 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:58:00 Win2K-f 200.42.215.124 (TRICOM.NET):
TRICOM,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

11:59:00 Win2K-f 200.122.235.106 (INTERCABLE.NET.CO):
TV CABLE PROMISION S.A,
BUCARAMANGA, SANTANDER, CO. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:12:01:00 Win2K-f 125.232.1.181 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:13:00 Win2K-f 190.67.84.58 (TELECOM.COM.CO):
COLOMBIA TELECOMUNICACIONES S.A. ESP,
CO. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:12:18:00 Win2K-f 190.67.84.58 (TELECOM.COM.CO):
COLOMBIA TELECOMUNICACIONES S.A. ESP,
CO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

12:26:00 Win2K-f 81.12.9.53 (-):
PIROOZ,
IR. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:12:28:00 Win2K-f 208.87.58.110 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:31:00 Win2K-f 82.251.66.174 (PROXAD.NET):
PROXAD / FREE SAS,
PARIS, ILE-DE-FRANCE, FR. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:32:00 Win2K-f 115.43.217.166 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:45:00 Win2K-f 122.120.9.104 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:09:00 Win2K-f 186.9.12.176 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:13:24:00 Win2K-f 84.123.170.171 (ONO.COM):
CABLEUROPA - ONO,
ES. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:36:00 Win2K-f 59.124.5.202 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:36:00 Win2K-f 122.120.9.104 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:55:00 Win2K-f 81.57.150.129 (PROXAD.NET):
PROXAD / FREE SAS,
PARIS, ILE-DE-FRANCE, FR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:56:00 Win2K-f 212.1.226.115 (TI.RU):
INTERNAL INFRASTRUCTURE,
RU. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:793 hits: 11-21 to 01-28] none[3] none:none
StarForce| none trace

T:14:04:00 Win2K-f 190.9.89.9 (UNIWEB.NET.CO):
UNITEL S.A E.S.P,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

14:08:00 Win2K-f 61.56.170.129 (UBBN.NET):
UNION CABLE TV CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:15:00 Win2K-f 211.20.201.15 (YY-YONYU.COM.TW):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:28:00 Win2K-f 211.20.201.15 (YY-YONYU.COM.TW):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:34:00 Win2K-f 200.35.235.232 (SUPERCABLE.NET.VE):
SUPERCABLE,
CARACAS, DISTRITO FEDERAL, VE. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:49:00 Win2K-f 201.74.99.134 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:51:00 Win2K-f 75.125.129.94 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:53:00 Win2K-f 93.81.84.244 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

14:56:00 Win2K-f 151.59.3.226 (38-151.NET24.IT):
IUNET-BNET,
IT. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:07:00 Win2K-f 201.254.42.25 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:15:11:00 Win2K-f 124.236.81.180 (163DATA.COM.CN):
CHINANET HEBEI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:24:00 Win2K-f 118.232.13.168 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:33:00 Win2K-f 190.64.170.121 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. (DIAL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:34:00 Win2K-f 190.50.35.251 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
3 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:46:00 Win2K-f 190.105.38.85 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:56:00 Win2K-f 190.0.86.33 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:15:57:00 Win2K-f 120.50.96.155 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:16:04:00 Win2K-f 201.173.38.31 (IFXNW.COM.MX):
NETWORK INFORMATION CENTER MEXICO,
MX. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

16:10:00 Win2K-f 89.106.8.112 (GRID.COM.TR):
VERSCOM-GRID-NET,
TR. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:12:00 Win2K-f 190.64.170.121 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. (DIAL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:23:00 Win2K-f 212.45.19.61 (-):
NETWORK FOR ZAO ART-SERVIS,
MOSCOW, MOSKVA, RU. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:28:00 Win2K-f 61.223.2.52 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:30:00 Win2K-f 122.125.208.21 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:37:00 Win2K-f 212.45.19.61 (-):
NETWORK FOR ZAO ART-SERVIS,
MOSCOW, MOSKVA, RU. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:45:00 Win2K-f 202.3.225.72 (NS1.MANA.PF):
MANA S.A,
PAPEETE, FRENCH POLYNESIA, PF. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:51:00 Win2K-f 219.95.33.198 (TM.NET.MY):
ADSL-STREAMYX-TMNET,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 10 of 38 0fadd81286
[Firefox: 6 hits: 12-07 to 01-13] none[3] none:none
StarForce| none trace

16:54:00 Win2K-f 88.55.240.2 (BUSINESS.TELECOMITALIA.IT):
S.P.A. PETTINATURA ITALIANA,
IT. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:55:00 Win2K-f 219.95.33.198 (TM.NET.MY):
ADSL-STREAMYX-TMNET,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
MY:219.95.33.198:4239
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 10 of 38 0fadd81286
[Firefox: 6 hits: 12-07 to 01-13] none[3] none:none
StarForce| none trace

T:17:06:00 Win2K-f 190.7.145.137 (-):
EMTELSA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:12:00 Win2K-f 209.17.190.85 (GROUPTELECOM.NET):
ESECUREDATA,
SURREY, BRITISH COLUMBIA, CA. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:15:00 Win2K-f 201.231.178.139 (SRC.ORG):
CABLEVISION S.A,
BUENOS AIRES, BUENOS AIRES, AR. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:27:00 Win2K-f 211.20.190.103 (YY-YONYU.COM.TW):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:30:00 Win2K-f 122.125.208.21 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:52:00 Win2K-f 190.96.165.51 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

18:02:00 Win2K-f 212.89.27.231 (CM-212-89-26-10.TELECABLE.ES):
TELECABLE,
OVIEDO, ASTURIAS, ES. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:03:00 Win2K-f 190.97.149.159 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

18:09:00 Win2K-f 208.84.203.68 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:10:00 Win2K-f 190.140.103.103 (CABLEONDA.NET):
CABLE ONDA,
PANAMA CITY, PANAMA, PA. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:21:00 WinXP 130.13.85.95 (QWEST.NET):
QWEST BROADBAND SERVICES INC,
PHOENIX, ARIZONA, US. n/a 135 pcap raw alerts
ruleset shell
ftp
16 lines Yeah : 1.3
profile none summary
tarball 33 of 36 15717cd327
[Firefox:14 hits: 11-05 to 01-29] 5b359cd0eb [0] ASM:Graph
PeCompact| lines=2438
embedded dns trace

18:27:00 Win2K-f 190.165.43.185 (-):
EMTELSA S.A. E.S.P,
CO. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:18:30:00 Win2K-f 190.0.73.179 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:18:31:00 Win2K-f 66.60.219.149 (NEWULMTEL.NET):
NEW ULM TELECOM INC,
NEW ULM, MINNESOTA, US. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:37:00 Win2K-f 92.42.92.36 (IKBCC.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:44:00 Win2K-f 122.121.56.206 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:18:49:00 Win2K-f 130.13.219.40 (QWEST.NET):
QWEST BROADBAND SERVICES INC,
PHOENIX, ARIZONA, US. n/a 135 pcap raw alerts
ruleset shell
ftp
16 lines Yeah : 1.3
profile none summary
tarball 33 of 36 15717cd327
[Firefox:14 hits: 11-05 to 01-29] 5b359cd0eb [0] ASM:Graph
PeCompact| lines=2438
embedded dns trace

T:18:53:00 Win2K-f 190.51.252.185 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:18:54:00 Win2K-f 203.70.168.187 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:56:00 Win2K-f 201.231.178.139 (SRC.ORG):
CABLEVISION S.A,
BUENOS AIRES, BUENOS AIRES, AR. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:04:00 Win2K-f 186.9.2.134 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:05:00 Win2K-f 72.75.49.172 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
WASHINGTON, DISTRICT OF COLUMBIA, US. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:15:00 Win2K-f 59.104.111.45 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a 445 pcap raw alerts
ruleset http
1 line Argh : 0.3
profile none summary
tarball none none none none none none none

19:17:00 Win2K-f 190.0.73.179 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

19:23:00 Win2K-f 203.70.172.170 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:25:00 Win2K-f 122.125.225.61 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:37:00 Win2K-f 58.27.194.243 (-):
NATIONAL WIMAX/IMS ENVIRONMENT,
PK. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:37:00 Win2K-f 190.81.111.131 (TELMEX.COM.PE):
TELMEX PERU S.A,
PE. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:41:00 Win2K-f 61.57.69.116 (LSC.NET.TW):
TBCOM-NET,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:47:00 Win2K-f 64.56.64.34 (VRTSERVERS.NET):
VRTSERVERS INC,
SEWICKLEY, PENNSYLVANIA, US. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:52:00 Win2K-f 58.27.194.243 (-):
NATIONAL WIMAX/IMS ENVIRONMENT,
PK. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:54:00 Win2K-f 210.11.197.29 (-):
TC & DM GIUFRE-SWEETSER PTY LTD,
AU. n/a 445 pcap raw alerts
ruleset http
1 line Argh : 0.3
profile none summary
tarball none none none none none none none

19:56:00 Win2K-f 190.97.157.132 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 17cf6a5252
[Firefox:12 hits: 12-03 to 01-14] none[3] none:none
UPX| none trace

19:59:00 Win2K-f 220.137.23.14 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:15:00 Win2K-f 60.178.55.74 (163DATA.COM.CN):
CHINANET-ZJ NINGBO NODE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:16:00 Win2K-f 60.178.55.74 (163DATA.COM.CN):
CHINANET-ZJ NINGBO NODE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:17:00 Win2K-f 122.121.56.206 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

20:18:00 Win2K-f 122.125.225.61 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:24:00 Win2K-f 211.161.172.167 (-):
FOR GWBN SHANGHAI QAAD RESIDENTIAL COMMUNITY BROADBAND USERS' ACCESS,
SHANGHAI, SHANGHAI, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:25:00 Win2K-f 114.44.191.88 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

20:31:00 Win2K-f 201.172.105.141 (MULTIMEDIOS.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MX. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:20:33:00 Win2K-f 59.104.111.45 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a 445 pcap raw alerts
ruleset http
1 line Argh : 0.3
profile none summary
tarball none none none none none none none

T:20:38:00 Win2K-f 114.47.198.169 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:48:00 Win2K-f 58.47.100.41 (-):
CHINANET HUNAN PROVINCE NETWORK,
CHANGSHA, HUNAN, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

20:58:00 Win2K-f 87.119.91.2 (PESHTERA.NET):
PASAT ANTENY LTD,
BG. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

T:21:06:00 Win2K-f 61.57.69.116 (LSC.NET.TW):
TBCOM-NET,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:10:00 Win2K-f 122.25.189.12 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

21:22:00 Win2K-f 124.113.144.168 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:24:00 Win2K-f 94.76.198.79 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:28:00 Win2K-f 202.52.75.44 (TTL.COM.SG):
NETPLUS COMMUNICATIONS PTE LTD,
SINGAPORE, SINGAPORE, SG. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:232 hits: 12-19 to 01-29] none[3] none:none
MEW| none trace

T:21:29:00 Win2K-f 201.172.105.141 (MULTIMEDIOS.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MX. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

21:39:00 Win2K-f 59.104.111.45 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a 445 pcap raw alerts
ruleset http
1 line Argh : 0.3
profile none summary
tarball none none none none none none none

T:21:48:00 Win2K-f 202.3.245.13 (PRALINE.CHT.PF):
MANA S.A,
PAPEETE, FRENCH POLYNESIA, PF. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:48:00 Win2K-f 190.220.125.9 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:21:49:00 Win2K-f 94.76.198.79 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:52:00 Win2K-f 190.220.125.9 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:22:05:00 Win2K-f 124.113.144.168 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:05:00 Win2K-f 60.249.141.153 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

22:10:00 Win2K-f 211.161.172.167 (-):
FOR GWBN SHANGHAI QAAD RESIDENTIAL COMMUNITY BROADBAND USERS' ACCESS,
SHANGHAI, SHANGHAI, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:14:00 Win2K-f 209.88.93.37 (TELCOINTERNET.CO.ZW):
TELONE(FORMERLY ZPTC),
KWEKWE, MIDLANDS, ZW. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

22:23:00 Win2K-f 118.141.28.250 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:40:00 Win2K-f 119.86.179.89 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] none[3] none:none
Armadillo| none trace

T:22:48:00 Win2K-f 203.77.79.228 (GCN.NET.TW):
GLOBAL COMMUNICATION NETWORK CORP,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:51:00 Win2K-f 209.88.93.37 (TELCOINTERNET.CO.ZW):
TELONE(FORMERLY ZPTC),
KWEKWE, MIDLANDS, ZW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:22:59:00 Win2K-f 118.141.28.250 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:12:00 Win2K-f 202.52.75.44 (TTL.COM.SG):
NETPLUS COMMUNICATIONS PTE LTD,
SINGAPORE, SINGAPORE, SG. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:232 hits: 12-19 to 01-29] none[3] none:none
MEW| none trace

T:23:21:00 Win2K-f 61.217.235.5 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
3 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:29:00 Win2K-f 190.0.81.173 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:23:34:00 Win2K-f 121.254.74.37 (TCOL.COM.TW):
MONAD DIGITNAMIC CORP,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:36:00 Win2K-f 190.141.252.234 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:37:00 Win2K-f 118.165.69.206 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:50:00 Win2K-f 60.249.141.153 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:23:51:00 Win2K-f 82.91.141.2 (POOL8291.INTERBUSINESS.IT):
TELECOM ITALIA WIRELINE SERVICES,
ROME, LAZIO, IT. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:51:00 Win2K-f 119.77.206.253 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:57:00 Win2K-f 64.20.43.202 (ALEXSRV40.COM):
INTERSERVER INC,
PALMDALE, CALIFORNIA, US. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace