Multiperspective Malware Analysis Page

Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

08 February 2009
<prev> <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]

Time
Victim
OS
Infection
Source
C&C
Server
DNS Lookups &
Failed Connects Infection
Port
Packet
Trace
Detection
Signatures
Infection
Chatter
BotHunter
Analysis
Behavioral
Cluster
Forensic
Logs
Antivirus
Labels
Packed Malware_Binary Unpacked egg.exe
Unpacked egg.asm
Packer PEID
Data Strings
Syscall Trace

T:00:06:00 Win2K-f 210.55.78.120 (QUICKER.NET.NZ):
WORLD-NET LIMITED,
AUCKLAND, AUCKLAND, NZ. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:08:00 Win2K-f 210.55.78.120 (QUICKER.NET.NZ):
WORLD-NET LIMITED,
AUCKLAND, AUCKLAND, NZ. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:09:00 Win2K-f 116.30.226.84 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:20:00 Win2K-f 94.76.198.81 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:20:00 Win2K-f 202.149.44.179 (EXATT.NET):
POWERNET,
MUMBAI, MAHARASHTRA, IN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:21:00 Win2K-f 211.74.229.189 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

00:21:00 Win2K-f 66.80.176.106 (MEGAPATH.NET):
MEGAPATH NETWORKS INC,
COSTA MESA, CALIFORNIA, US. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:24:00 Win2K-f 92.82.144.75 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:25:00 Win2K-f 89.34.9.98 (89.IN-ADDR.ARPA):
SC WORLDNET DATA COMUNICATII SRL,
RO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

00:27:00 Win2K-f 64.76.3.170 (NET.AR):
IMPSAT ARGENTINA,
AR. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:793 hits: 11-21 to 01-28] none[3] none:none
StarForce| none trace

T:00:55:00 Win2K-f 38.107.205.215 (COGENTCO.COM):
PERFORMANCE SYSTEMS INTERNATIONAL INC,
WASHINGTON, DISTRICT OF COLUMBIA, US. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:00:56:00 Win2K-f 124.106.150.218 (PLDT.NET):
GNTC10K01_MYDSLLITE,
QUEZON CITY, MANILA, PH. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:02:00 Win2K-f 213.22.87.77 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
LISBON, LISBOA, PT. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:17:00 Win2K-f 92.82.144.75 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:01:22:00 Win2K-f 190.128.82.229 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 4f88618d4f
[Firefox:113 hits: 11-29 to 01-29] none[3] none:none
UPX| none trace

T:01:23:00 Win2K-f 118.101.195.126 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
5 lines Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

01:45:00 Win2K-f 213.39.238.24 (HANSENET.DE):
HANSENET TELEKOMMUNIKATION GMBH,
HAMBURG, HAMBURG, DE. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 223d8089f8
[Firefox:793 hits: 11-21 to 01-28] none[3] none:none
StarForce| none trace

T:01:48:00 Win2K-f 66.80.176.106 (MEGAPATH.NET):
MEGAPATH NETWORKS INC,
COSTA MESA, CALIFORNIA, US. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:52:00 Win2K-f 116.30.226.84 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

01:58:00 Win2K-f 114.47.89.247 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

01:58:00 Win2K-f 117.66.144.24 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:06:00 Win2K-f 173.45.79.197 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:12:00 Win2K-f 81.11.193.43 (DSL.SCARLET.BE):
PI-BELGIUM,
VILVOORDE, BRABANT WALLON, BE. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:15:00 Win2K-f 94.76.216.231 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:18:00 Win2K-f 117.66.144.24 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:31:00 Win2K-f 173.45.79.197 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:34:00 Win2K-f 59.125.69.240 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:34:00 Win2K-f 192.100.76.54 (WESTLAB.COM):
WESTLAB CONSULTING,
RICHMOND, VIRGINIA, US. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:44:00 Win2K-f 220.128.123.206 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:02:45:00 Win2K-f 219.81.157.210 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:51:00 Win2K-f 94.76.216.231 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

02:52:00 Win2K-f 118.232.58.241 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 6 of 37 13e15a653e
[Firefox:47 hits: 11-21 to 01-28] none[3] none:none
UPX| none trace

T:03:06:00 Win2K-f 60.178.241.223 (163DATA.COM.CN):
CHINANET-ZJ NINGBO NODE NETWORK,
NINGBO, ZHEJIANG, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 507252387e
[Firefox:57 hits: 11-27 to 01-20] none[3] none:none
UPX| none trace

03:12:00 Win2K-f 221.127.32.64 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
:checkip.dyndns.org
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:12:00 Win2K-f 122.118.200.117 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:22:00 Win2K-f 81.11.193.43 (DSL.SCARLET.BE):
PI-BELGIUM,
VILVOORDE, BRABANT WALLON, BE. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:03:30:00 Win2K-f 88.101.220.136 (IOL.CZ):
XDSL NETWORK-ADSL,
PRAGUE, HLAVNI MESTO PRAHA, CZ. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:34:00 Win2K-f 123.54.29.203 (163DATA.COM.CN):
CHINANET HENAN PROVINCE NETWORK,
HENAN, GUIZHOU, CN. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

03:47:00 Win2K-f 201.76.190.236 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

03:51:00 Win2K-f 120.7.6.202 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:03:59:00 Win2K-f 194.54.49.44 (KABLONET.COM.TR):
CABLE OPERATOR NETWORK OF TURK TELEKOM,
ANKARA, ANKARA, TR. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:21:00 Win2K-f 219.81.157.210 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:25:00 Win2K-f 173.45.79.208 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

04:38:00 Win2K-f 211.74.233.85 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:41:00 Win2K-f 86.58.72.68 (-):
BONE,
SI. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:04:50:00 Win2K-f 84.2.177.111 (T-ONLINE.HU):
PROVIDER LOCAL REGISTRY,
HU. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:10:00 Win2K-f 122.118.200.117 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:11:00 Win2K-f 218.160.211.81 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:13:00 Win2K-f 173.45.79.208 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:16:00 Win2K-f 211.74.233.85 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:29:00 Win2K-f 201.254.83.214 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

05:39:00 Win2K-f 211.74.128.43 (SEED.NET.TW):
DIGITAL UNITED INC,
KAOHSIUNG, KAO-HSIUNG, TW. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:05:51:00 Win2K-f 58.54.196.117 (163DATA.COM.CN):
CHINANET HUBEI PROVINCE NETWORK,
HUBEI, HUBEI, CN. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

05:52:00 Win2K-f 200.71.98.69 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:00:00 Win2K-f 200.35.180.10 (GRUPONAVEGA.COM):
NAVEGA.COM S.A,
GT. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

06:08:00 Win2K-f 78.106.242.195 (CORBINA.NET):
INVESTELEKTROSVIAZ LTD,
RU. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:06:12:00 Win2K-f 200.35.180.10 (GRUPONAVEGA.COM):
NAVEGA.COM S.A,
GT. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:06:24:00 Win2K-f 218.160.211.81 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:30:00 Win2K-f 87.56.197.148 (BROADBAND.TELE.DK):
TDC-TELEDANMARK-BREDBAANDSADSL-NET,
AUNING, ARHUS, DK. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

T:06:40:00 Win2K-f 125.116.64.49 (163DATA.COM.CN):
CHINANET-ZJ NINGBO NODE NETWORK,
NINGBO, ZHEJIANG, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

06:42:00 Win2K-f 190.48.14.125 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:232 hits: 12-19 to 01-29] none[3] none:none
MEW| none trace

06:49:00 Win2K-f 72.16.179.92 (BANKERSX.COM):
CBEYOND COMMUNICATIONS LLC,
ATLANTA, GEORGIA, US. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:06:50:00 Win2K-f 91.102.160.226 (ATOLYEWEB.NET):
DATAFON ILETISIM A.S,
TR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80
TR:91.102.160.226:2659 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:02:00 Win2K-f 69.162.64.114 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:10:00 Win2K-f 82.28.225.23 (NTL.COM):
NTL INFRASTRUCTURE - NOTTINGHAM,
DONCASTER, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 29b0ab6522
[Firefox: 8 hits: 11-24 to 01-18] none[3] none:none
UPX| none trace

07:12:00 Win2K-f 91.102.160.226 (ATOLYEWEB.NET):
DATAFON ILETISIM A.S,
TR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:16:00 Win2K-f 193.30.110.108 (POWERED-BY.WILLUX.BE):
WILLUX BVBA,
BE. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:17:00 Win2K-f 190.8.203.186 (-):
UNION DE CABLEOPERADORES DEL CENTRO CABLECENTRO S.A,
CO. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:07:20:00 Win2K-f 82.17.66.5 (NTL.COM):
NTL INFRASTRUCTURE - OLDHAM,
STOCKPORT, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:07:25:00 Win2K-f 59.104.17.142 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:30:00 Win2K-f 219.81.157.210 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:31:00 Win2K-f 84.2.177.111 (T-ONLINE.HU):
PROVIDER LOCAL REGISTRY,
HU. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

07:42:00 Win2K-f 84.17.4.114 (LANCK.NET):
ONYX LTD,
RU. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:07:47:00 Win2K-f 87.110.43.40 (-):
ADDRESS POOL FOR LTC-HOME CUSTOMERS,
RIGA, RIGA, LV. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 139 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

08:01:00 Win2K-f 194.8.75.155 (LIX.LV):
LAST RESORT LOCAL REGISTRY,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:08:06:00 Win2K-f 189.48.52.24 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

08:09:00 Win2K-f 203.67.141.50 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:12:00 Win2K-f 58.100.62.15 (-):
WASU TV & COMMUNICATION HOLDING CO. LTD,
HANGZHOU, ZHEJIANG, CN. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:15:00 Win2K-f 114.47.194.145 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:08:20:00 Win2K-f 201.33.23.253 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:29:00 Win2K-f 59.117.208.95 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

08:43:00 Win2K-f 59.112.132.113 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:47:00 Win2K-f 93.156.171.129 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:08:51:00 Win2K-f 190.174.95.55 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:08:59:00 Win2K-f 117.67.170.123 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:02:00 Win2K-f 82.28.225.23 (NTL.COM):
NTL INFRASTRUCTURE - NOTTINGHAM,
DONCASTER, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:13:00 Win2K-f 190.48.14.125 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
3 lines Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:232 hits: 12-19 to 01-29] none[3] none:none
MEW| none trace

09:18:00 Win2K-f 82.248.57.81 (PROXAD.NET):
PROXAD / FREE SAS,
CANNES, PROVENCE-ALPES-COTE D'AZUR, FR. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

09:33:00 Win2K-f 189.58.148.103 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

09:35:00 Win2K-f 93.156.171.129 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:09:58:00 Win2K-f 91.66.3.76 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] none[3] none:none
Armadillo| none trace

T:10:00:00 Win2K-f 202.63.215.6 (CUBEXS.NET.PK):
CUBEXS PRIVATE LMITED,
KARACHI, SINDH, PK. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:15:00 Win2K-f 200.114.10.234 (INTERCABLE.NET.CO):
TV CABLE PROMISION S.A,
BUCARAMANGA, SANTANDER, CO. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:17:00 Win2K-f 78.85.130.130 (RELINFO.RU):
OJSC VOLGATELECOM,
RU. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

10:59:00 Win2K-f 200.71.107.223 (TELESAT.COM.CO):
COLDECON,
CALI, VALLE DEL CAUCA, CO. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:12:00 Win2K-f 61.60.210.68 (-):
YEONG JIA LEH CABLE TV CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:11:18:00 Win2K-f 94.102.6.225 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:36:00 Win2K-f 81.91.65.228 (SKYTURN.NET):
GROUPE ECRITEL FRANCE,
PARIS, ILE-DE-FRANCE, FR. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:39:00 Win2K-f 59.104.84.58 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

11:44:00 Win2K-f 190.48.14.125 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
AR:190.48.14.125:3307
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:232 hits: 12-19 to 01-29] none[3] none:none
MEW| none trace

11:53:00 Win2K-f 88.85.22.68 (NET2000.CH):
BROADBAND CUSTOMER,
NEUCHATEL, NEUCHATEL, CH. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] none[3] none:none
Armadillo| none trace

T:11:54:00 Win2K-f 195.16.59.37 (IMS-CPM.RU):
INTEGRATED MARKETING OOO,
MOSCOW, MOSKVA, RU. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

12:07:00 Win2K-f 114.47.59.123 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:08:00 Win2K-f 190.156.185.130 (CABLE.NET.CO):
TV CABLE S.A,
CO. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:12:08:00 Win2K-f 59.104.84.58 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:12:13:00 Win2K-f 93.156.171.129 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:30:00 Win2K-f 190.137.69.103 (NET.AR):
TELECOM ARGENTINA S.A,
AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

12:47:00 Win2K-f 200.112.145.221 (NET.AR):
BROADBANDTECH S. A,
MENDOZA, MENDOZA, AR. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

12:52:00 Win2K-f 195.16.59.37 (IMS-CPM.RU):
INTEGRATED MARKETING OOO,
MOSCOW, MOSKVA, RU. (100Mbps) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:13:03:00 Win2K-f 201.16.236.183 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:06:00 Win2K-f 81.91.65.228 (SKYTURN.NET):
GROUPE ECRITEL FRANCE,
PARIS, ILE-DE-FRANCE, FR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:13:21:00 Win2K-f 88.69.32.254 (ARCOR-IP.NET):
ARCOR AG & CO. KG,
DE. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

13:25:00 Win2K-f 94.28.160.96 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

T:13:30:00 Win2K-f 82.28.22.24 (NTL.COM):
NTLI,
IPSWICH, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

13:38:00 Win2K-f 82.28.22.24 (NTL.COM):
NTLI,
IPSWICH, ENGLAND, UK. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:13:50:00 Win2K-f 117.53.3.19 (ADACHI.NE.JP):
CABLE TELEVISION ADACHI CORP,
TOKYO, TOKYO, JP. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:52:00 Win2K-f 201.16.236.183 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

13:58:00 Win2K-f 130.13.238.34 (QWEST.NET):
QWEST BROADBAND SERVICES INC,
PHOENIX, ARIZONA, US. n/a 135 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 33 of 36 15717cd327
[Firefox:14 hits: 11-05 to 01-29] 5b359cd0eb [0] ASM:Graph
PeCompact| lines=2438
embedded dns trace

T:14:06:00 Win2K-f 200.112.145.221 (NET.AR):
BROADBANDTECH S. A,
MENDOZA, MENDOZA, AR. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

14:08:00 Win2K-f 190.54.137.179 (CHILESAT.NET):
TELMEX SERVICIOS EMPRESARIALES S.A,
CL. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
190.54.137.179:6277
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 bd35d4d98f
[Firefox:68 hits: 11-27 to 01-29] none[3] none:none
Armadillo| none trace

T:14:17:00 Win2K-f 186.9.47.112 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:14:28:00 Win2K-f 190.153.121.2 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:14:41:00 Win2K-f 81.89.193.13 (MORE7.COM):
MEG KOMMUNIKATIONSSYSTEME GMBH,
HEIDELBERG, BADEN-WURTTEMBERG, DE. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:14:43:00 Win2K-f 93.156.194.174 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:55:00 Win2K-f 24.86.180.3 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
LANGLEY, BRITISH COLUMBIA, CA. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

14:57:00 Win2K-f 190.0.81.50 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. n/a US:www.maxmind.com
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:15:03:00 Win2K-f 203.73.158.66 (HI-SQUARE.COM.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:04:00 Win2K-f 94.28.160.96 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

15:12:00 Win2K-f 88.1.122.83 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
ES. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

15:13:00 Win2K-f 190.51.183.182 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:21:00 Win2K-f 59.125.198.180 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:64.246.48.99:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
4 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:25:00 Win2K-f 93.97.20.68 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80
93.97.20.68:8340 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

15:48:00 Win2K-f 201.52.179.87 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

15:55:00 Win2K-f 124.83.22.192 (PLDT.NET):
BNKC7300I01_CONSUMER,
PH. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

15:57:00 Win2K-f 203.73.158.66 (HI-SQUARE.COM.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:15:58:00 Win2K-f 200.35.213.203 (SUPERCABLE.NET.VE):
SUPERCABLE,
CARACAS, DISTRITO FEDERAL, VE. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

16:13:00 Win2K-f 94.42.41.247 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:15:00 Win2K-f 124.83.22.192 (PLDT.NET):
BNKC7300I01_CONSUMER,
PH. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:21:00 Win2K-f 221.125.204.54 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:22:00 Win2K-f 202.53.85.142 (NETTLINX.COM):
NETTLINX LIMITED,
HYDERABAD, ANDHRA PRADESH, IN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:28:00 Win2K-f 201.52.179.87 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

16:35:00 Win2K-f 211.21.133.8 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:16:36:00 Win2K-f 211.21.133.8 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

16:36:00 Win2K-f 190.141.91.154 (-):
. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:16:48:00 Win2K-f 201.172.96.17 (MULTIMEDIOS.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MX. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:17:05:00 Win2K-f 121.70.194.142 (-):
BEIJING KUANDAITONG TELECOM TECHNOLOGY CO. LTD,
BEIJING, GUANGDONG, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:06:00 Win2K-f 190.128.12.8 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:09:00 Win2K-f 122.120.113.67 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

17:15:00 Win2K-f 122.254.58.112 (-):
PHOENIX CATV C,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:29:00 Win2K-f 88.1.122.83 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
ES. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] none[3] none:none
UPX| none trace

T:17:42:00 Win2K-f 87.246.29.227 (-):
TRIPLE PLAY CLIENT OF CABLETEL PLC IN SHUMEN,
BG. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 9 of 38 e1a2e3980d
[Firefox:29 hits: 12-05 to 01-26] none[3] none:none
UPX| none trace

T:17:42:00 Win2K-f 122.254.58.112 (-):
PHOENIX CATV C,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:43:00 Win2K-f 190.64.13.64 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. (DIAL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:17:43:00 Win2K-f 190.50.87.19 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
:checkip.dyndns.org
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

17:51:00 Win2K-f 201.74.124.56 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

17:52:00 Win2K-f 122.120.113.67 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] none[3] none:none
Armadillo| none trace

17:55:00 Win2K-f 60.170.113.6 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:04:00 Win2K-f 210.55.78.69 (QUICKER.NET.NZ):
WORLD-NET LIMITED,
AUCKLAND, AUCKLAND, NZ. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:04:00 Win2K-f 121.70.194.142 (-):
BEIJING KUANDAITONG TELECOM TECHNOLOGY CO. LTD,
BEIJING, GUANGDONG, CN. n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:05:00 Win2K-f 190.50.87.19 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:18:10:00 Win2K-f 211.75.67.187 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:30:00 Win2K-f 203.67.111.14 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 216ec67841
[Firefox:236 hits: 11-20 to 01-29] none[3] none:none
StarForce| none trace

T:18:34:00 Win2K-f 190.141.91.154 (-):
. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

18:37:00 Win2K-f 87.246.29.227 (-):
TRIPLE PLAY CLIENT OF CABLETEL PLC IN SHUMEN,
BG. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 9 of 38 e1a2e3980d
[Firefox:29 hits: 12-05 to 01-26] none[3] none:none
UPX| none trace

T:18:41:00 Win2K-f 190.97.137.116 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 37 29b0ab6522
[Firefox: 8 hits: 11-24 to 01-18] none[3] none:none
UPX| none trace

18:46:00 Win2K-f 210.1.60.66 (CSLOXINFO.NET):
CS LOXINFO PUBLIC COMPANY LIMITED,
TH. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

18:46:00 Win2K-f 119.103.81.180 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:52:00 Win2K-f 201.74.124.56 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:18:53:00 Win2K-f 87.96.188.57 (BLIXTVIK.NET):
BLIXTVIK INTERNET OCH TELEFONI AB,
SE. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:00:00 Win2K-f 211.74.91.149 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:00:00 Win2K-f 123.195.57.173 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:08:00 Win2K-f 60.170.113.6 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:08:00 Win2K-f 201.173.30.190 (IFXNW.COM.MX):
NETWORK INFORMATION CENTER MEXICO,
MX. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] none[3] none:none
StarForce| none trace

T:19:09:00 Win2K-f 190.64.13.64 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. (DIAL) n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

19:12:00 Win2K-f 125.232.93.216 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:26:00 Win2K-f 124.123.250.80 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

19:36:00 Win2K-f 201.168.48.237 (MARCATEL.NET.MX):
MARCATEL,
MONTERREY, NUEVO LEON, MX. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

T:19:38:00 Win2K-f 124.123.250.42 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

19:40:00 Win2K-f 219.81.232.72 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:44:00 Win2K-f 201.57.62.26 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:19:58:00 Win2K-f 124.123.250.104 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:20:12:00 Win2K-f 219.81.232.72 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:12:00 Win2K-f 124.123.250.51 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:20:26:00 Win2K-f 123.204.25.179 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:32:00 Win2K-f 211.74.91.149 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:43:00 Win2K-f 210.3.140.155 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:20:48:00 Win2K-f 70.68.182.164 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
COQUITLAM, BRITISH COLUMBIA, CA. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

20:48:00 Win2K-f 190.102.221.191 (-):
. n/a 445 pcap raw alerts
ruleset http
1 line Argh : 0.3
profile none summary
tarball none none none none none none none

T:21:11:00 Win2K-f 24.84.182.112 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
VANCOUVER, BRITISH COLUMBIA, CA. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 5 of 37 741c93f3c1
[Firefox:13 hits: 11-30 to 01-27] none[3] none:none
UPX| none trace

21:12:00 Win2K-f 24.84.182.112 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
VANCOUVER, BRITISH COLUMBIA, CA. n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 5 of 37 741c93f3c1
[Firefox:13 hits: 11-30 to 01-27] none[3] none:none
UPX| none trace

T:21:24:00 Win2K-f 59.125.77.234 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:26:00 Win2K-f 123.204.25.179 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:31:00 Win2K-f 78.29.58.52 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:21:42:00 Win2K-f 216.118.226.82 (NEWACCESS.COM):
VSC SATELLITE CO,
US. (100Mbps) n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

21:51:00 Win2K-f 201.69.46.60 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:21:00 Win2K-f 209.62.53.98 (BIGMUSCLE.COM):
EVERYONES INTERNET,
HOUSTON, TEXAS, US. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:30:00 Win2K-f 82.115.88.20 (NET.PL):
INTERNET SOLUTIONS ISP,
TARNOW, MALOPOLSKIE, PL. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] none[3] none:none
UPX| none trace

T:22:39:00 Win2K-f 219.86.225.146 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:46:00 Win2K-f 220.128.114.66 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:22:51:00 Win2K-f 218.89.146.242 (-):
CHINANET-SC-GA-NETBAR,
CN. n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

22:55:00 Win2K-f 38.99.183.80 (COGENTCO.COM):
PERFORMANCE SYSTEMS INTERNATIONAL INC,
WASHINGTON, DISTRICT OF COLUMBIA, US. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:07:00 Win2K-f 120.50.0.50 (-):
. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:09:00 Win2K-f 125.85.230.214 (163DATA.COM.CN):
CHINANET CHONGQING PROVINCE NETWORK,
CHONGQING, CHONGQING, CN. n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:19:00 Win2K-f 122.160.32.153 (122.AIRTELBROADBAND.IN):
ABTS-DSL-8972-DEL,
DELHI, DELHI, IN. n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 8 of 38 4f6b51ea3b
[Firefox:232 hits: 12-19 to 01-29] none[3] none:none
MEW| none trace

23:20:00 Win2K-f 82.249.120.214 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. (DSL) n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

23:27:00 Win2K-f 114.47.35.45 (-):
. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:34:00 Win2K-f 38.102.152.100 (COGENTCO.COM):
PERFORMANCE SYSTEMS INTERNATIONAL INC,
WASHINGTON, DISTRICT OF COLUMBIA, US. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:37:00 Win2K-f 123.49.40.193 (123.IN-ADDR.ARPA):
BTTB,
BD. n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:51:00 Win2K-f 121.8.102.93 (163DATA.COM.CN):
CHINANET GUANGDONG PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] none[3] none:none
Armadillo| none trace

T:23:52:00 Win2K-f 94.76.204.106 (-):
. n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace

T:23:55:00 Win2K-f 210.192.196.208 (TTN.NET):
TAIWAN TELECOMMUNICATION NETWORK SERVICES CO. LTD,
TAIPEI, T'AI-PEI, TW. (DSL) n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 45603a001c [0] ASM:Graph
UPX| lines=174
embedded dns trace