Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

09 February 2009
<prev>   <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.


Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]
Time
 		Victim
OS
 		Infection
Source
 		C&C
Server
 		DNS Lookups &
Failed Connects 		Infection
Port
 		Packet
Trace
 		Detection
Signatures
 		Infection
Chatter
 		BotHunter
Analysis
 		Behavioral
Cluster
 		Forensic
Logs
 		Antivirus
Labels
 		Packed Malware_Binary Unpacked egg.exe
 		Unpacked egg.asm
 		Packer PEID
 		Data Strings
 		Syscall Trace
00:09:00 Win2K-f 218.75.146.65 (-):
CHINANET-HN CHANGDE NODE NETWORK,
CHANGDE, HUNAN, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:64.246.48.99:80
US:75.126.138.202:80 		139 pcap raw alerts
ruleset 		http
4 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
00:13:00 Win2K-f 114.40.202.173 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:64.246.48.99:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
4 lines 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 223d8089f8
[Firefox:793 hits: 11-21 to 01-28] 		none[3] none:none
 StarForce| none trace
T:00:18:00 Win2K-f 151.20.22.61 (20-151.LIBERO.IT):
FREE INTERNET DIAL-UP SERVICES,
MILANO, LOMBARDIA, IT. (DIAL) 		n/a  
IT:151.20.22.61:5657 		445 pcap raw alerts
ruleset 		http
6 lines 		Argh : 0.3
profile 		none summary
tarball 		none none none none none none none
T:00:19:00 Win2K-f 114.40.202.173 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 223d8089f8
[Firefox:793 hits: 11-21 to 01-28] 		none[3] none:none
 StarForce| none trace
T:00:31:00 Win2K-f 38.99.183.80 (COGENTCO.COM):
PERFORMANCE SYSTEMS INTERNATIONAL INC,
WASHINGTON, DISTRICT OF COLUMBIA, US. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:00:32:00 Win2K-f 116.59.133.21 (-):
MOBILE BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 fcb4920986
[Firefox:76 hits: 11-21 to 01-29] 		none[3] none:none
 UPX| none trace
00:50:00 Win2K-f 94.76.204.106 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
00:53:00 Win2K-f 116.59.133.21 (-):
MOBILE BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 fcb4920986
[Firefox:76 hits: 11-21 to 01-29] 		none[3] none:none
 UPX| none trace
01:02:00 Win2K-f 125.84.28.126 (163DATA.COM.CN):
CHINANET CHONGQING PROVINCE NETWORK,
CHONGQING, CHONGQING, CN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:01:12:00 Win2K-f 95.104.73.34 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 3862324588
[Firefox:157 hits: 11-29 to 01-21] 		none[3] none:none
 UPX| none trace
T:01:20:00 Win2K-f 119.1.81.250 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 3862324588
[Firefox:157 hits: 11-29 to 01-21] 		none[3] none:none
 UPX| none trace
01:25:00 Win2K-f 38.102.152.100 (COGENTCO.COM):
PERFORMANCE SYSTEMS INTERNATIONAL INC,
WASHINGTON, DISTRICT OF COLUMBIA, US. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:01:35:00 Win2K-f 122.121.245.171 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
01:38:00 Win2K-f 114.32.164.29 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
01:41:00 Win2K-f 91.67.142.89 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
01:52:00 Win2K-f 95.104.73.34 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 3862324588
[Firefox:157 hits: 11-29 to 01-21] 		none[3] none:none
 UPX| none trace
T:01:54:00 Win2K-f 220.128.114.66 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:01:57:00 Win2K-f 87.15.122.158 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
IT. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
02:05:00 Win2K-f 213.33.183.52 (-):
SOVINTEL-PKF-ATI-NET,
MOSCOW, MOSKVA, RU. (100Mbps) 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
02:11:00 Win2K-f 218.160.169.77 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:02:12:00 Win2K-f 121.254.83.173 (TCOL.COM.TW):
MONAD DIGITNAMIC CORP,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:02:20:00 Win2K-f 173.45.79.38 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:02:29:00 Win2K-f 189.90.240.42 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
02:29:00 Win2K-f 195.16.34.234 (-):
SOVINTEL-MSK-MTK-GROUP-SA-NET,
MOSCOW, MOSKVA, RU. (100Mbps) 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:02:31:00 Win2K-f 200.73.80.227 (IFX.NET.CO):
IFX NETWORKS COLOMBIA,
CO. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
02:32:00 Win2K-f 190.2.0.73 (IPLANNETWORKS.NET):
NSS S.A,
AR. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
02:48:00 Win2K-f 78.39.193.57 (-):
INFORMATION TECHNOLOGY COMPANY (ITC),
IR. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
03:03:00 Win2K-f 196.31.246.19 (KARASREGION.ORG.NA):
AFRINIC,
ZA. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] 		none[3] none:none
 Armadillo| none trace
T:03:07:00 Win2K-f 78.39.193.57 (-):
INFORMATION TECHNOLOGY COMPANY (ITC),
IR. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:03:09:00 Win2K-f 125.81.128.143 (163DATA.COM.CN):
CHINANET CHONGQING PROVINCE NETWORK,
CHONGQING, CHONGQING, CN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
03:11:00 Win2K-f 61.227.196.119 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:64.246.48.99:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
03:16:00 Win2K-f 218.63.239.149 (CN.NET):
CHINANET YUNNAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
03:19:00 Win2K-f 125.87.37.68 (163DATA.COM.CN):
CHINANET CHONGQING PROVINCE NETWORK,
CHONGQING, CHONGQING, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 3862324588
[Firefox:157 hits: 11-29 to 01-21] 		none[3] none:none
 UPX| none trace
03:27:00 Win2K-f 222.86.177.74 (AGENT1.GZ.CN):
CHINANET GUIZHOU PROVINCE NETWORK,
GUIZHOU, GUIZHOU, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:03:31:00 Win2K-f 114.32.164.29 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 409ef22885
[Firefox:878 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
03:38:00 Win2K-f 62.16.92.122 (62.IN-ADDR.ARPA):
ISP ELVIS-TELEKOM-TVER,
RU. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:03:49:00 Win2K-f 218.63.239.149 (CN.NET):
CHINANET YUNNAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:03:52:00 Win2K-f 122.118.157.158 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
03:55:00 Win2K-f 218.75.146.197 (-):
CHINANET-HN CHANGDE NODE NETWORK,
CHANGDE, HUNAN, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
04:01:00 Win2K-f 78.34.69.165 (NETCOLOGNE.DE):
NETCOLOGNE GMBH,
KOELN, NORDRHEIN-WESTFALEN, DE. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:04:02:00 Win2K-f 79.52.253.191 (SRC.ORG):
TELECOM ITALIA NET,
ROME, LAZIO, IT. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
04:18:00 Win2K-f 60.179.231.160 (163DATA.COM.CN):
CHINANET-ZJ NINGBO NODE NETWORK,
NINGBO, ZHEJIANG, CN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 223d8089f8
[Firefox:793 hits: 11-21 to 01-28] 		none[3] none:none
 StarForce| none trace
04:21:00 Win2K-f 190.50.105.192 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:04:24:00 Win2K-f 218.75.146.197 (-):
CHINANET-HN CHANGDE NODE NETWORK,
CHANGDE, HUNAN, CN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:04:29:00 Win2K-f 62.16.92.122 (62.IN-ADDR.ARPA):
ISP ELVIS-TELEKOM-TVER,
RU. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
04:30:00 Win2K-f 84.122.99.233 (ONO.COM):
CABLEUROPA - ONO,
ES. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:04:45:00 Win2K-f 190.50.105.192 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:05:15:00 Win2K-f 190.2.0.78 (IPLANNETWORKS.NET):
NSS S.A,
AR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
05:24:00 Win2K-f 221.127.154.197 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
05:31:00 Win2K-f 190.12.73.99 (COMSAT.COM.PE):
OPTICAL IP,
LIMA, LIMA, PE. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:05:38:00 Win2K-f 61.227.196.119 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
05:48:00 Win2K-f 190.2.0.78 (IPLANNETWORKS.NET):
NSS S.A,
AR. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:05:50:00 Win2K-f 115.133.125.71 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
05:54:00 Win2K-f 122.118.157.158 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:05:56:00 Win2K-f 84.122.99.233 (ONO.COM):
CABLEUROPA - ONO,
ES. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
05:58:00 Win2K-f 117.32.199.29 (163DATA.COM.CN):
CHINANET SHANXI(SN) PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:06:04:00 Win2K-f 222.221.71.117 (CN.NET):
CHINANET YUNNAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:06:05:00 Win2K-f 59.121.194.103 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
06:06:00 Win2K-f 124.10.80.154 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] 		none[3] none:none
 StarForce| none trace
T:06:09:00 Win2K-f 207.114.187.114 (TWTELECOM.NET):
AIRWERKS,
SAN LUIS OBISPO, CALIFORNIA, US. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] 		none[3] none:none
 StarForce| none trace
06:30:00 Win2K-f 222.221.71.117 (CN.NET):
CHINANET YUNNAN PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
06:30:00 Win2K-f 85.91.135.138 (DDNS.HOMELAN.BG):
DATA BG PPPOE DYNAMIC SERVICE TYPE MINIMAL,
BG. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
07:13:00 Win2K-f 122.139.106.180 (MINTEL.COM):
CNCGROUP JILIN PROVINCE NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
07:25:00 Win2K-f 190.220.8.20 (-):
. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
07:27:00 Win2K-f 81.9.216.61 (CM-81-9-211-10.TELECABLE.ES):
TELECABLE,
OVIEDO, ASTURIAS, ES. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
07:30:00 Win2K-f 190.141.181.222 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:07:38:00 Win2K-f 190.228.65.224 (-):
. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:08:02:00 Win2K-f 81.9.216.61 (CM-81-9-211-10.TELECABLE.ES):
TELECABLE,
OVIEDO, ASTURIAS, ES. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
08:32:00 Win2K-f 202.132.189.158 (TTN.NET):
TAIWAN TELECOMMUNICATION NETWORK SERVICES CO. LTD,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
08:33:00 Win2K-f 115.133.125.71 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:08:52:00 Win2K-f 123.204.57.101 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
09:02:00 Win2K-f 186.0.14.194 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		8 of 37 4f88618d4f
[Firefox:113 hits: 11-29 to 01-29] 		none[3] none:none
 UPX| none trace
09:21:00 Win2K-f 124.8.187.73 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:09:24:00 Win2K-f 82.53.114.184 (POOL8253.INTERBUSINESS.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
PESCARA, ABRUZZI, IT. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] 		none[3] none:none
 Armadillo| none trace
09:29:00 Win2K-f 190.228.65.224 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:09:36:00 Win2K-f 190.208.69.60 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
09:36:00 Win2K-f 123.204.57.101 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:09:39:00 Win2K-f 91.115.9.227 (TELEKOM.AT):
TELEKOM AUSTRIA AKTIENGESELLSCHAFT,
AT. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
09:43:00 Win2K-f 190.208.69.60 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
09:44:00 Win2K-f 190.97.149.147 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:10:01:00 Win2K-f 200.123.69.78 (TECHTELNET.NET):
TECHTEL LMDS COMUNICACIONES INTERACTIVAS S.A,
LA PLATA, BUENOS AIRES, AR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] 		none[3] none:none
 StarForce| none trace
10:09:00 Win2K-f 201.172.110.150 (MULTIMEDIOS.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MX. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] 		none[3] none:none
 StarForce| none trace
10:22:00 Win2K-f 60.248.116.190 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
10:33:00 Win2K-f 190.6.108.55 (-):
WILSON CONSTRUCCIONES S.A,
AR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] 		none[3] none:none
 StarForce| none trace
10:34:00 Win2K-f 77.21.91.26 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:10:35:00 Win2K-f 91.191.221.97 (NS2.MAXTELECOM.BG):
MAXTELECOM,
BG. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:10:38:00 Win2K-f 201.254.48.241 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] 		none[3] none:none
 UPX| none trace
10:59:00 Win2K-f 221.126.244.73 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
T:11:17:00 Win2K-f 82.65.189.66 (PROXAD.NET):
PROXAD / FREE SAS,
PARIS, ILE-DE-FRANCE, FR. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
11:18:00 Win2K-f 217.125.150.182 (RIMA-TDE.NET):
TELEFONICA DE ESPANA SAU (NCC#2001039691),
MADRID, MADRID, ES. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
11:22:00 Win2K-f 201.254.48.241 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] 		none[3] none:none
 UPX| none trace
T:11:24:00 Win2K-f 200.68.61.142 (MAIL.LYP.CL):
TEEMSR-LACNIC,
CL. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
11:36:00 Win2K-f 91.191.221.97 (NS2.MAXTELECOM.BG):
MAXTELECOM,
BG. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
11:36:00 Win2K-f 77.79.101.61 (GRID.COM.TR):
GRID BILISIM TEKNOLOJILERI A.S,
ISTANBUL, ISTANBUL, TR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:11:39:00 Win2K-f 190.220.108.33 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] 		none[3] none:none
 UPX| none trace
T:11:52:00 Win2K-f 92.23.57.44 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 		139 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 216ec67841
[Firefox:236 hits: 11-20 to 01-29] 		none[3] none:none
 StarForce| none trace
11:58:00 Win2K-f 115.83.131.59 (-):
. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
T:12:07:00 Win2K-f 115.83.131.59 (-):
. 		n/a US:www.maxmind.com
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
12:17:00 Win2K-f 190.84.78.117 (CABLE.NET.CO):
TV CABLE S.A,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] 		none[3] none:none
 StarForce| none trace
T:12:27:00 Win2K-f 219.86.186.129 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
12:28:00 Win2K-f 186.9.14.116 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:12:40:00 Win2K-f 190.84.78.117 (CABLE.NET.CO):
TV CABLE S.A,
SANTAFé DE BOGOTá, DISTRITO CAPITAL, CO. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:63.208.196.105:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] 		none[3] none:none
 StarForce| none trace
T:12:55:00 Win2K-f 64.7.8.106 (MEGAPATH.NET):
MEGAPATH NETWORKS INC,
BROOKLYN, NEW YORK, US. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:63.208.196.105:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
12:58:00 Win2K-f 190.55.9.132 (COM.AR):
TELECENTRO S.A,
BUENOS AIRES, BUENOS AIRES, AR. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:63.208.196.105:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
12:59:00 Win2K-f 190.220.86.115 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:63.208.196.105:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] 		none[3] none:none
 UPX| none trace
T:13:02:00 Win2K-f 122.118.64.160 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:63.208.196.105:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
13:03:00 Win2K-f 122.118.64.160 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:63.208.196.105:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
13:05:00 Win2K-f 64.7.8.106 (MEGAPATH.NET):
MEGAPATH NETWORKS INC,
BROOKLYN, NEW YORK, US. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:63.208.196.105:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
13:18:00 Win2K-f 62.90.213.10 (BARAK.NET.IL):
ABU AYOUB ROZLIN,
TEL AVIV, TEL AVIV, IL. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:63.208.196.105:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 3862324588
[Firefox:157 hits: 11-29 to 01-21] 		none[3] none:none
 UPX| none trace
T:13:56:00 Win2K-f 196.40.12.213 (RACSA.CO.CR):
SERVIDOR ACCESO SAN JOSE,
SAN JOSE, SAN JOSE, CR. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] 		none[3] none:none
 UPX| none trace
14:10:00 Win2K-f 87.119.91.246 (PESHTERA.NET):
PASAT ANTENY LTD,
BG. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] 		none[3] none:none
 Armadillo| none trace
T:14:15:00 Win2K-f 190.31.5.6 (NET.AR):
APOLO -GOLD-TELECOM-PER,
AR. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
14:23:00 Win2K-f 211.75.227.134 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:14:36:00 Win2K-f 207.5.167.89 (SUSCOM-MAINE.NET):
GREAT WORKS INTERNET,
BRUNSWICK, MAINE, US. 		n/a US:microsoft.com 135 pcap raw alerts
ruleset 		other
75 lines 		Yeah : 1.3
profile 		none summary
tarball 		33 of 33
0 of 32		 53bfe15e91
[Firefox:4125 hits: 06-17 to 01-27]
73f1082158
[Firefox:2047 hits: 06-18 to 01-27] 		1473091351 [0]
none [0] 		ASM:Graph
none:none
 tElock|
Armadillo| 		lines=75
embedded dns
lines=90 		trace
trace
T:14:40:00 Win2K-f 211.75.227.134 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
14:41:00 Win2K-f 190.225.45.151 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:14:42:00 Win2K-f 87.119.91.246 (PESHTERA.NET):
PASAT ANTENY LTD,
BG. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] 		none[3] none:none
 Armadillo| none trace
14:54:00 Win2K-f 77.58.3.78 (SOLPA.NET):
CABLECOM,
CH. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:15:03:00 Win2K-f 62.90.213.10 (BARAK.NET.IL):
ABU AYOUB ROZLIN,
TEL AVIV, TEL AVIV, IL. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 3862324588
[Firefox:157 hits: 11-29 to 01-21] 		none[3] none:none
 UPX| none trace
T:15:16:00 Win2K-f 190.50.92.72 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		lanman
http
27 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
15:23:00 Win2K-f 211.99.188.76 (-):
CCTV NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
15:28:00 Win2K-f 208.98.1.163 (SHARKTECH.NET):
SHARKTECH INTERNET SERVICES,
MISSOULA, MONTANA, US. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
15:36:00 Win2K-f 82.64.149.167 (PROXAD.NET):
PROXAD / FREE SAS,
FR. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:15:38:00 Win2K-f 82.249.181.153 (PROXAD.NET):
PROXAD / FREE SAS,
FOURMIES, NORD-PAS-DE-CALAIS, FR. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:15:41:00 Win2K-f 217.69.196.36 (-):
THE COMFINANCE LTD,
RU. (100Mbps) 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
15:46:00 Win2K-f 217.69.196.36 (-):
THE COMFINANCE LTD,
RU. (100Mbps) 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:15:55:00 Win2K-f 123.195.222.78 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:01:00 Win2K-f 122.121.71.113 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
16:02:00 Win2K-f 203.92.40.123 (SPECTRANET.COM):
BRAODBAND ISP INDIA,
IN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:19:00 Win2K-f 77.58.3.78 (SOLPA.NET):
CABLECOM,
CH. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:20:00 Win2K-f 218.161.51.29 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:21:00 Win2K-f 208.98.1.163 (SHARKTECH.NET):
SHARKTECH INTERNET SERVICES,
MISSOULA, MONTANA, US. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
16:23:00 Win2K-f 87.14.25.121 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
LUXEMBOURG, LUXEMBOURG, LU. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] 		none[3] none:none
 StarForce| none trace
16:26:00 Win2K-f 220.137.189.193 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:31:00 Win2K-f 59.116.32.97 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:32:00 Win2K-f 82.64.149.167 (PROXAD.NET):
PROXAD / FREE SAS,
FR. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:39:00 Win2K-f 60.249.145.90 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] 		none[3] none:none
 StarForce| none trace
T:16:48:00 Win2K-f 87.246.22.30 (MOBIFONIKA.COM):
MOBIFONIKA EXTENDED IP ADDRESS SPACE IN SLIVEN,
SLIVEN, BURGAS, BG. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		9 of 38 e1a2e3980d
[Firefox:29 hits: 12-05 to 01-26] 		none[3] none:none
 UPX| none trace
16:50:00 Win2K-f 218.161.51.29 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:16:54:00 Win2K-f 211.99.188.76 (-):
CCTV NETWORK,
BEIJING, BEIJING, CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
16:55:00 Win2K-f 190.105.21.9 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		11 of 39 f3a1362722
NEW 		none[none] none:none
 none|none none none
T:16:56:00 Win2K-f 203.122.11.100 (SPECTRANET.COM):
SPECTRA NET LIMITED,
DELHI, DELHI, IN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
17:13:00 Win2K-f 59.117.0.163 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
17:14:00 Win2K-f 59.116.32.97 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:17:25:00 Win2K-f 190.208.76.129 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
17:27:00 Win2K-f 190.157.91.83 (CABLE.NET.CO):
TV CABLE S.A,
CO. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] 		none[3] none:none
 UPX| none trace
17:36:00 Win2K-f 190.208.76.129 (-):
. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:17:41:00 Win2K-f 203.92.40.123 (SPECTRANET.COM):
BRAODBAND ISP INDIA,
IN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:17:43:00 Win2K-f 190.51.30.71 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
17:49:00 Win2K-f 200.75.249.135 (CABLEONDA.NET):
CABLE ONDA,
PANAMA CITY, PANAMA, PA. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:03:00 Win2K-f 187.31.0.127 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
18:08:00 Win2K-f 203.122.11.100 (SPECTRANET.COM):
SPECTRA NET LIMITED,
DELHI, DELHI, IN. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
18:13:00 Win2K-f 82.4.194.218 (NTL.COM):
NTL INFRASTRUCTURE - BELFAST,
LUTON, ENGLAND, UK. (DSL) 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:17:00 Win2K-f 203.67.20.103 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
18:52:00 Win2K-f 190.120.134.210 (-):
. 		n/a   445 pcap raw alerts
ruleset 		http
1 line 		Argh : 0.3
profile 		none summary
tarball 		none none none none none none none
18:54:00 Win2K-f 59.106.68.46 (SAKURA.AD.JP):
SAKURA INTERNET INC,
JP. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:18:55:00 Win2K-f 123.195.83.101 (ETHOME.COM.TW):
TUNG HO MULTIMEDIA CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
19:05:00 Win2K-f 203.67.20.103 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:19:07:00 Win2K-f 87.246.22.30 (MOBIFONIKA.COM):
MOBIFONIKA EXTENDED IP ADDRESS SPACE IN SLIVEN,
SLIVEN, BURGAS, BG. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		9 of 38 e1a2e3980d
[Firefox:29 hits: 12-05 to 01-26] 		none[3] none:none
 UPX| none trace
T:19:10:00 Win2K-f 218.89.146.224 (-):
CHINANET-SC-GA-NETBAR,
CN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
19:23:00 Win2K-f 201.173.45.156 (IFXNW.COM.MX):
NETWORK INFORMATION CENTER MEXICO,
MX. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] 		none[3] none:none
 StarForce| none trace
T:19:31:00 Win2K-f 203.122.11.100 (SPECTRANET.COM):
SPECTRA NET LIMITED,
DELHI, DELHI, IN. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
19:35:00 Win2K-f 218.161.51.29 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:19:38:00 Win2K-f 24.83.200.240 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
VANCOUVER, BRITISH COLUMBIA, CA. (DSL) 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:19:45:00 Win2K-f 66.77.86.50 (BAYSHOREHOSTING.COM):
BAYSHORE SOLUTIONS,
TAMPA, FLORIDA, US. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
19:56:00 Win2K-f 190.2.0.77 (IPLANNETWORKS.NET):
NSS S.A,
AR. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:20:02:00 Win2K-f 93.156.203.52 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:20:17:00 Win2K-f 89.19.15.2 (CIZGIBILGISAYAR.COM):
CIZGI BILGISAYAR SISTEMLERI SAN. TIC. LTD. STI,
TR. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
20:25:00 Win2K-f 82.102.12.11 (DOTMEDIA.COM.PT):
NFSI-COLO-52660A,
PORTO, PORTO, PT. (100Mbps) 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:20:29:00 Win2K-f 201.173.45.156 (IFXNW.COM.MX):
NETWORK INFORMATION CENTER MEXICO,
MX. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] 		none[3] none:none
 StarForce| none trace
20:31:00 Win2K-f 77.23.72.101 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
20:38:00 Win2K-f 218.108.20.40 (-):
HANGZHOU JIAOTONG BUREAU,
HANGZHOU, ZHEJIANG, CN. (100Mbps) 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:20:44:00 Win2K-f 166.61.228.121 (VA.US):
MCI TELECOMMUNICATIONS,
MIDLOTHIAN, VIRGINIA, US. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
20:50:00 Win2K-f 166.61.228.121 (VA.US):
MCI TELECOMMUNICATIONS,
MIDLOTHIAN, VIRGINIA, US. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
20:53:00 Win2K-f 201.172.228.79 (INTERCABLE.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MONTERREY, NUEVO LEON, MX. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		24 of 38 668d660efb
[Firefox: 2 hits: 01-04 to 01-18] 		none[3] none:none
 UPX| none trace
T:20:56:00 Win2K-f 201.172.228.79 (INTERCABLE.NET):
TELEVISION INTERNACIONAL S.A. DE C.V,
MONTERREY, NUEVO LEON, MX. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		24 of 38 668d660efb
[Firefox: 2 hits: 01-04 to 01-18] 		none[3] none:none
 UPX| none trace
T:21:01:00 Win2K-f 122.3.52.38 (PLDT.NET):
IPG,
PH. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:21:17:00 Win2K-f 122.122.147.194 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
21:20:00 Win2K-f 122.122.147.194 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:21:20:00 Win2K-f 61.217.152.201 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
21:21:00 Win2K-f 190.254.43.98 (-):
. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
21:22:00 Win2K-f 190.0.73.161 (ASTER.COM.DO):
ASTER,
SANTO DOMINGO, DISTRITO NACIONAL, DO. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
3 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] 		none[3] none:none
 UPX| none trace
21:36:00 Win2K-f 66.77.86.50 (BAYSHOREHOSTING.COM):
BAYSHORE SOLUTIONS,
TAMPA, FLORIDA, US. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:21:39:00 Win2K-f 124.11.65.72 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
21:41:00 Win2K-f 125.116.82.203 (163DATA.COM.CN):
CHINANET-ZJ NINGBO NODE NETWORK,
NINGBO, ZHEJIANG, CN. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] 		none[3] none:none
 UPX| none trace
T:21:46:00 Win2K-f 79.108.143.86 (G-M-I.NET):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:21:49:00 Win2K-f 125.116.82.203 (163DATA.COM.CN):
CHINANET-ZJ NINGBO NODE NETWORK,
NINGBO, ZHEJIANG, CN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 dc331fb791
[Firefox:1799 hits: 11-24 to 01-29] 		none[3] none:none
 UPX| none trace
T:21:57:00 Win2K-f 60.51.82.77 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
KULIM, KEDAH, MY. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:21:57:00 Win2K-f 122.117.100.116 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 216ec67841
[Firefox:236 hits: 11-20 to 01-29] 		none[3] none:none
 StarForce| none trace
22:02:00 Win2K-f 60.51.82.77 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
KULIM, KEDAH, MY. 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
US:204.13.249.70:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
7 lines 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
22:15:00 Win2K-f 207.42.179.22 (FICOHSA.HN):
SPLK/BH/HONDUTEL,
TEGUCIGALPA, FRANCISCO MORAZAN, HN. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.69.70:80
US:67.15.94.80:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
22:34:00 Win2K-f 91.65.116.149 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] 		none[3] none:none
 Armadillo| none trace
T:22:42:00 Win2K-f 124.8.23.149 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:22:44:00 Win2K-f 202.169.60.126 (SOLTIUS.CO.ID):
BIZNET-SOLTIUS-BLOCK,
JAKARTA, JAKARTA RAYA (DJAKARTA RAYA), ID. (100Mbps) 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:22:46:00 Win2K-f 59.125.157.142 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
KAOHSIUNG, KAO-HSIUNG, TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:checkip.dyndns.org
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
22:47:00 Win2K-f 124.8.23.149 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
22:59:00 Win2K-f 59.125.157.142 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
KAOHSIUNG, KAO-HSIUNG, TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:23:01:00 Win2K-f 92.46.52.127 (IKBCC.COM):
EU-ZZ,
UK. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:checkip.dyndns.org
:getmyip.co.uk
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:07:00 Win2K-f 219.126.64.74 (ICNTV.NE.JP):
ICHIHARA COMMUNITY NETWORK TV CO.LTD,
ICHIHARA, CHIBA, JP. 		n/a US:www.maxmind.com
:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		7 of 37 7587773eea
[Firefox:1058 hits: 11-30 to 01-29] 		none[3] none:none
 StarForce| none trace
23:13:00 Win2K-f 89.19.15.2 (CIZGIBILGISAYAR.COM):
CIZGI BILGISAYAR SISTEMLERI SAN. TIC. LTD. STI,
TR. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
T:23:14:00 Win2K-f 190.152.2.154 (ANDINANET.NET):
ANDINATEL S.A,
EC. 		n/a US:www.maxmind.com
US:checkip.dyndns.org
:getmyip.co.uk
US:www.getmyip.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:19:00 Win2K-f 122.117.100.116 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
US:www.getmyip.org
:getmyip.co.uk
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 216ec67841
[Firefox:236 hits: 11-20 to 01-29] 		none[3] none:none
 StarForce| none trace
T:23:27:00 Win2K-f 202.42.147.90 (-):
APPCO PTE LTD,
SG. (100Mbps) 		n/a US:www.maxmind.com
US:www.getmyip.org
:checkip.dyndns.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] 		none[3] none:none
 Armadillo| none trace
23:29:00 Win2K-f 83.102.206.12 (CORBINA.NET):
CORBINA-INTERMED,
RU. (100Mbps) 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		4 of 37 8ce32ded17
[Firefox:562 hits: 11-26 to 01-29] 		none[3] none:none
 Armadillo| none trace
T:23:30:00 Win2K-f 122.127.99.166 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:www.maxmind.com
:getmyip.co.uk
:checkip.dyndns.org
US:www.getmyip.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
23:36:00 Win2K-f 202.42.147.90 (-):
APPCO PTE LTD,
SG. (100Mbps) 		n/a US:www.maxmind.com
:checkip.dyndns.org
US:www.getmyip.org
:getmyip.co.uk
208.78.69.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 917c085aca
[Firefox:465 hits: 11-25 to 01-29] 		none[3] none:none
 Armadillo| none trace
23:40:00 Win2K-f 82.66.244.145 (PROXAD.NET):
PROXAD / FREE SAS,
PARIS, ILE-DE-FRANCE, FR. (DSL) 		n/a   445 pcap raw alerts
ruleset 		http
14 lines 		Argh : 0.3
profile 		none summary
tarball 		none none none none none none none
T:23:44:00 Win2K-f 207.42.179.22 (FICOHSA.HN):
SPLK/BH/HONDUTEL,
TEGUCIGALPA, FRANCISCO MORAZAN, HN. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
US:checkip.dyndns.org
208.78.68.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		2 of 37 d60e538e72
[Firefox:1957 hits: 11-22 to 01-29] 		none[3] none:none
 UPX| none trace
T:23:46:00 Win2K-f 115.43.217.166 (-):
. 		n/a US:www.maxmind.com
:getmyip.co.uk
US:www.getmyip.org
:checkip.dyndns.org
US:204.13.249.70:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
[Firefox:19556 hits: 11-20 to 01-29] 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace